Free Java Update 8

Version 8 Update 471

Release date: October 21, 2025

Important Oracle Java License Information

The Oracle Java License changed for releases starting April 16, 2019.

The Oracle Technology Network License Agreement for Oracle Java SE is substantially different from prior Oracle Java licenses. This license permits certain uses, such as personal use and development use, at no cost -- but other uses authorized under prior Oracle Java licenses may no longer be available. Please review the terms carefully before downloading and using this product. An FAQ is available here.

Commercial license and support is available with a low cost Java SE Subscription.

Oracle also provides the latest OpenJDK release under the open source GPL License at jdk.java.net.

 

Your system currently has an older version of Java and you are receiving this update notification because a newer version has been automatically detected.

This release addresses security concerns. Oracle strongly recommends that all Java SE 8 users upgrade to this release.

Please install this free Java Update by clicking on the Update button on the Java Update window.



 

Installing this update will ensure that your Java applications continue to run as safely and efficiently as always.


Release Highlights
  • JDK 8u471 contains IANA time zone data 2025b .
    For more information, refer to Timezone Data Versions in the JRE Software.
  • New Features: Mechanism to Disable TLS Cipher Suites by Pattern Matching
    TLS cipher suites can be disabled with the jdk.tls.disabledAlgorithms security property in the java.security configuration file using one or more * wildcard characters. For example, "TLS_RSA_*" disables all cipher suites that start with "TLS_RSA_". Only cipher suites starting with "TLS_" are allowed to have wildcard characters.
    See JDK-8341964
  • New Features: Thread and Timestamp Options for java.security.debug System Property
    The java.security.debug system property now accepts arguments which add thread ID, thread name, caller information, and timestamp information to debug statements for all components or a specific component.
    +timestamp can be appended to debug options to print a timestamp for that debug option. +thread can be appended to debug options to print thread and caller information for that debug option.
    Examples: -Djava.security.debug=all+timestamp+thread adds timestamp and thread information to every debug statement generated.
    -Djava.security.debug=properties+timestamp adds timestamp information to every debug statement generated for the properties component.
    You can also specify -Djava.security.debug=help which will display a complete list of supported components and arguments.
    See JDK-8051959
  • Removed Features and Options: Removed Four AffirmTrust Root Certificates
    The following root certificates, which are deactivated and no longer in use, have been removed from the cacerts keystore:
    + alias name "affirmtrustcommercialca [jdk]"
    Distinguished Name: CN=AffirmTrust Commercial, O=AffirmTrust, C=US
    + alias name "affirmtrustnetworkingca [jdk]"
    Distinguished Name: CN=AffirmTrust Networking, O=AffirmTrust, C=US
    + alias name "affirmtrustpremiumca [jdk]"
    Distinguished Name: CN=AffirmTrust Premium, O=AffirmTrust, C=US
    + alias name "affirmtrustpremiumeccca [jdk]"
    Distinguished Name: CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US
    See JDK-8303770
  • Other Notes: Disable "best-fit" Mapping on Windows Command Line
    Command line arguments to the Java launcher are no longer converted with Windows' "best-fit" mapping when the arguments include unmappable characters for the ANSI code page. This mapping has been intervening in the Java launcher's argument parsing. Unmappable characters are now replaced with the default replacement character, such as '?' in some cases. For rare cases, where applications need those unmappable characters on the command line, select UTF-8 in Windows Regional Settings.
    See JDK-88337506
  • Other Notes: Improved Logging Behavior for javax.net.debug=ssl JSSE Debug Property
    The logging behavior of the TLS javax.net.debug system property has been improved in this release. The javax.net.debug property is used to generate TLS debug logs from the default JSSE provider. Previously, using the ssl option via -Djavax.net.debug=ssl produced very limited output, which reduced its usefulness for troubleshooting.
    With this update, setting -Djavax.net.debug=ssl now enables comprehensive SSL debug logging, except for the data, packet, and plaintext sub-options. Applications using this option will now see significantly more detailed debug information in logs.
    See JDK-8044609
» More information on 8u461

Bug Fixes

This release also contains fixes for security vulnerabilities described in the Oracle Critical Patch Update. For a more complete list of the bug fixes included in this release, see 8u471 Release notes.

Java Expiration Date

Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.

Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 8u471) be used after the next critical patch update scheduled for January 20, 2026.

Java Management Service, available to all users, can help you find vulnerable Java versions in your systems. Java SE Subscribers and customers running in Oracle Cloud can use Java Management Service to update Java Runtimes and to do further security reviews like identifying potentially vulnerable third party libraries used by your Java programs. Existing Java Management Service user click here to log in to your dashboard. The Java Management Service Documentation provides a list of features available to everyone and those available only to customers. Learn more about using Java Management Service to monitor and secure your Java Installations.

For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u471) on 2026-02-20. After either condition is met (new release becoming available or expiration date reached), the JRE will provide additional warnings and reminders to users to update to the newer version. For more information, see 23.1.2 JRE Expiration Date in the Java Platform, Standard Edition Deployment Guide.


Related Information

» More information on Java Update
» Detailed technical information about this release can be found in the Java 8 Release Notes.
» Previous release changes FAQ