Much maligned and often patched in the past, Oracle released Java Standard Edition (SE) 8, Java Development Kit (JDK) 8, and Java Runtime Environment (JRE) 8 this week.
The new releases work on Windows 8, Windows 7, Windows Vista, and Windows Server 2008 and 2012, but not on Windows XP, which is phasing out next month. On most Linux and OS X versions only 64-bit Java Runtime Environment ends up supported.
There are quite a few security changes in the new release as well as new features.
Among them are client-side TLS 1.2 enabled by default, stronger algorithms for password-based encryption, support for AEAD algorithms, enhanced Support for NSA Suite B Cryptography, SSL/TLS Server Name Indication (SNI) Extension support in JSSE Server, better Support for High Entropy Random Number Generation.
It is no secret throughout the industry that unpatched Java vulnerabilities end up taken advantage by exploit kits. If a users ends up installing the new release, he or she must remain vigilant and make sure to update it frequently.