Title

The version of the JRE running on the system must be the most current available. (Cat II impact)

Discussion

The JRE is being continually updated by the vendor in order to address identified security vulnerabilities. Running an older version of the JRE can introduce security vulnerabilities to the system.

Check Content

Open a terminal window and type the command; "java -version" sans quotes. The return value should contain Java build information; "Java (TM) SE Runtime Environment (build x.x.x.x)" Cross reference the build information on the system with the Oracle Java site to identify the most recent build available. http://www.oracle.com/technetwork/java/javase/downloads/index.html

Fix Text

Test applications to ensure operational compatability with new version of Java. Install latest version of Java JRE.

Additional Identifiers

Rule ID: SV-51130r1_rule

Vulnerability ID: V-39239

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.