Java update 17 is now available and includes security fixes… again. These vulnerabilities are not applicable to Java running on servers, standalone Java desktop applications or embedded Java applications, in other words they affect the end user.

These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. For an exploit to be successful, an unsuspecting user running an affected release in a browser must visit a malicious web page that leverages these vulnerabilities. Successful exploits can impact the availability, integrity, and confidentiality of the user's system.

Oracle recommends everyone update ASAP if you are running Java 7 update 15 or older and Java 6, update 41 and older. Java SE fixes in this Security Alert are cumulative; this latest update includes all fixes from previous Critical Patch Updates and Security Alerts.

Java update 6 is available at http://www.oracle.com/technetwork/java/javase/downloads/jre6downloads-1902815.html which gives you the options of downloading

Java update 7 is also available at http://java.com/en/download/index.jsp which will detect your operating system and offer you the correct version.

You can also be sure of the latest version via Majorgeeks at:

Version 6: http://www.majorgeeks.com/Sun_Java_Runtime_Environment_6_d4648.html
Version 7: http://www.majorgeeks.com/Sun_Java_Runtime_Environment_d7567.html