Oracle has released a new Java security update to address multiple vulnerabilities, including one exploited during a recently disclosed attack that can allow eavesdropping on encrypted communications.