Java.com

Download Help

Free Java Update 8

Version 8 Update 161

Release date January 16, 2018

Your system currently has an older version of Java and you are receiving this update notification because a newer version has been automatically detected.

This release addresses security concerns. Oracle strongly recommends that all Java SE 8 users upgrade to this release.

Please install this free Java Update by clicking on the Update button on the Java Update window.


Installing this update will ensure that your Java applications continue to run as safely and efficiently as always.


Release Highlights

  • IANA Data 2017c
    JDK 8u161 contains IANA time zone data version 2017c. For more information, refer to Timezone Data Versions in the JRE Software.
  • New Feature: Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits
    Enhance the JDK security providers to support 3072-bit DiffieHellman and DSA parameters generation, pre-computed DiffieHellman parameters up to 8192 bits and pre-computed DSA parameters up to 3072 bits.
  • New Feature: Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits
    Enhance the JDK security providers to support 3072-bit DiffieHellman and DSA parameters generation, pre-computed DiffieHellman parameters up to 8192 bits and pre-computed DSA parameters up to 3072 bits.
  • New Feature: Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for TLS
    The JDK SunJSSE implementation now supports the TLS FFDHE mechanisms defined in RFC 7919. If a server cannot process the supported_groups TLS extension or the named groups in the extension, applications can either customize the supported group names with jdk.tls.namedGroups, or turn off the FFDHE mechanisms by setting the System Property jsse.enableFFDHEExtension to false.
  • Change: RSA public key validation
    In 8u161, the RSA implementation in the SunRsaSign provider will reject any RSA public key that has an exponent that is not in the valid range as defined by PKCS#1 version 2.2. This change will affect JSSE connections as well as applications built on JCE.
  • Change: Restrict Diffie-Hellman keys less than 1024 bits
    Diffie-Hellman keys less than 1024 bits are considered too weak to use in practice and should be restricted by default in SSL/TLS/DTLS connections. Accordingly, Diffie-Hellman keys less than 1024 bits have been disabled by default by adding 'DH keySize < 1024' to the 'jdk.tls.disabledAlgorithms' security property in the java.security file. Although it is not recommended, administrators can update the security property ('jdk.tls.disabledAlgorithms') and permit smaller key sizes (for example, by setting 'DH keySize < 768').
  • Change: Provider default key size is updated
    This change updates the JDK providers to use 2048 bits as the default key size for DSA instead of 1024 bits when applications have not explicitly initialized the java.security.KeyPairGenerator and java.security.AlgorithmParameterGenerator objects with a key size.
    If compatibility issues arise, existing applications can set the system property jdk.security.defaultKeySize introduced in JDK-8181048 with the algorithm and its desired default key size.

» More information on 8u161

Bug Fixes

This release contains fixes for security vulnerabilities. For more information, see the Oracle Java SE Critical Patch Update Advisory.

For a list of bug fixes included in this release, see JDK 8u161 Bug Fixes page.

Java Expiration Date

The JRE expires whenever a new release with security vulnerability fixes becomes available. Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Third Party Bulletin. This JRE (version 8u161) will expire with the release of the next critical patch update scheduled for April 17, 2018.

For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u161) on May 17, 2018. After either condition is met (new release becoming available or expiration date reached), Java will provide additional warnings and reminders to users to update to the newer version.


Related Information

» More information on Java Update
» Detailed technical information about this release can be found in the Java 8 Release Notes.
» Previous release changes FAQ




Select Language | About Java | Support | Developers | Feedback
Privacy  | Terms of Use | Trademarks | Disclaimer

Oracle