Download Help

Free Java Update 8

Version 8 Update 51

Release date July 14, 2015

Your system currently has an older version of Java and you are receiving this update notification because a newer version has been automatically detected.

This release addresses security concerns. Oracle strongly recommends that all Java SE 8 users upgrade to this release.

Please install this free Java Update by clicking on the Update button on the Java Update window.

Installing this update will ensure that your Java applications continue to run as safely and efficiently as always.

Release Highlights

  • IANA Data 2015d
    JDK 8u51 contains IANA time zone data version 2015d. For more information, refer to Timezone Data Versions in the JRE Software.
  • Bug Fix: Root Certificate Authority (CA) changes
    More info
  • Bug Fix: Deprecate RC4 in SunJSSE provider
    RC4 is now considered as a weak cipher. Servers should not select RC4 unless there is no other stronger candidate in the client requested cipher suites. A new security property, jdk.tls.legacyAlgorithms, is added to define the legacy algorithms in Oracle JSSE implementation. RC4 related algorithms are added to the legacy algorithms list. See JDK-8074006 (not public).
  • Bug Fix: Prohibit RC4 cipher suites
    RC4 is now considered as a compromised cipher. RC4 cipher suites have been removed from both client and server default enabled cipher suite list in Oracle JSSE implementation. These cipher suites can still be enabled by SSLEngine.setEnabledCipherSuites() and SSLSocket.setEnabledCipherSuites() methods. See JDK-8077109 (not public).
  • Bug Fix: Improved certification checking
    With this fix, JSSE endpoint identification does not perform reverse name lookup for IP addresses by default in JDK. If an application does need to perform reverse name lookup for raw IP addresses in SSL/TLS connections, and encounter endpoint identification compatibility issue, System property "jdk.tls.trustNameService" can be used to switch on reverse name lookup. Note that if the name service is not trustworthy, enabling reverse name lookup may be susceptible to MITM attacks. See JDK-8067695 (not public).

For a list of bug fixes included in this release, see JDK 8u51 Bug Fixes page.

Java Expiration Date

The JRE expires whenever a new release with security vulnerability fixes becomes available. Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Third Party Bulletin. This JRE (version 8u51) will expire with the release of the next critical patch update scheduled for October 20. 2015.

For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u51) on November 20, 2015. After either condition is met (new release becoming available or expiration date reached), Java will provide additional warnings and reminders to users to update to the newer version.

Related Information

» More information on Java Update
» Detailed technical information about this release can be found in the Java 8 Release Notes.
» Previous release changes FAQ

Select Language | About Java | Support | Developers
Privacy | Terms of Use | Trademarks | Disclaimer