Sun Microsystems just released Java 6 Update 10. Should you care?
Sun Microsystems released a new version of Java for Windows, Linux and Solaris a few days ago. Should you rush out to install it? Probably not.
First a bit of level-setting. Version numbers are an ongoing annoyance with Java, and this latest go-round is no different. The new release is identified with six names:
New software typically has both new features and bug fixes, but this release of Java only has new features. Sun's release notes say "this feature release does not contain any new fixes for security vulnerabilities to its previous release, Java SE 6 Update 7. Users who have Java SE 6 Update 7 have the latest security fixes and do not need to upgrade to this release to be current on security fixes."
From what I've read, this appears to be a pretty big release. There are many new features including some affecting the core of the product. New features inevitably mean new bugs, thus the safer approach is wait. Anyone currently running the previous version of Java (1.6.0_7) is therefore best off doing nothing. To see which version, if any, you have installed simply visit Javatester.org.
If, however, you have an older version of Java installed, then you should update it to 1.6.0_7 (a.k.a. Java 6 Update 7). You can download the older version of Java at java.sun.com/products/archive/j2se/6u7/index.html. Click on the "Download JRE" link.*
If and when the time comes that you need one of the new Java features, that's the time to upgrade. Chances are, that by that time, the new features may have had a bug or two fixed.
One exception, is anyone using Google's Chrome browser, which requires the latest version (1.6.0_10) of Java.
Mac users don't have a decision, there is no new release of Java for OS X. For whatever reason, Sun--the company that developed Java--does not supply it for Macs. But Apple does, and Apple is always behind the curve in terms of new releases.
To take a step back, do you need Java at all? If for nothing else, Java is required for the Secunia Online Software Inspector, which I wrote about two days ago.
*Here is an alternate link directly to the EXE file for Windows users. This should download file jre-6u7-windows-i586-p.exe, which is about 15MB. Surprisingly, CNET's own Download.com is a bit behind on Java releases.
See a summary of all my Defensive Computing postings.