Java Exploit
Security Alert CVE-2016-0603 Released for Windows
On February 5, 2016 Oracle posted a blog entry stating the re was a Security Exploit that would allow attackers to compromise a computer without users ever knowing. The exploit is rather complex and can only happen during the install process, it is still there. Oracle advises you get the latest update level of your current release.
“Java users who have downloaded any old version of Java prior to 6u113, 7u97 or 8u73, should discard these old downloads and replace them with 6u113, 7u97 or 8u73 or later.”
You can read the blog entry or you can get your patch along with a description here