It’s also integral to the intranet applications and other e-business solutions that are the foundation of corporate computing. Installing this update will ensure that your Java applications continue to run as safely and efficiently as always.
The JRE is the Java Runtime Environment, it covers most end-users needs. Contains everything required to run Java applications on your system. It is a package of everything necessary to run a compiled Java program, including the Java Virtual Machine (JVM), the Java Class Library, the java command, and other infrastructure. However, it cannot be used to create new programs.
The JDK is the Java Development Kit, the full-featured SDK for Java. It has everything the JRE has, but also the compiler (javac) and tools (like javadoc and jdb). It is capable of creating and compiling programs.
Usually, if you only care about running Java programs on computer you will only install the JRE. It’s all you need. On the other hand, if you are planning to do some Java programming, you need to install the JDK instead.
Sometimes, even if you are not planning to do any Java development on a computer, you still need the JDK installed. For example, if you are deploying a web application with JSP, you are technically just running Java programs inside the application server. Why would you need the JDK then? Because the application server will convert JSP into Java servlets and needs to use the JDK to compile the servlets.
The full version string for this update release is 11.0.19+9 (where «+» means «build»). The version number is 11.0.19.
Complete release notes for Java 11 can be found here.
What is Java?
Java is a programming language and software platform. Examples of applications that use Java are numerous and widespread but include web browsers, office applications and even mainstream games like Minecraft are based on Java.
What is Java JDK?
The Java Development Kit (JDK) is the full-featured software development kit for Java developers. It has everything the JRE has, but adds the compiler (javac) and tools (like javadoc and jdb). The JDK allows you to create and compile Java programs.
Is Java free to use?
Yes, Java is free to use under the jdk.java.net license. This means anyone can download it for personal or development use at no cost. Oracle does charge for long term support, but this is optional.
IANA Data 2020a
JDK 11.0.16 contains IANA time zone data 2021a. For more information, refer to Timezone Data Versions in the JRE Software.
Security Baselines
The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 11.0.16 are specified in the following table:
JRE Family Version = JRE Security Baseline (Full Version String)
- 11 = 11.0.19+9
- 8 = 8u371-b11
Keeping the JDK up to Date
Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.
Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 11.0.13) be used after the next critical patch update scheduled for January 18, 2022.
Java Development Kit 64-bit (also known as JDK) contains the software and tools that you need to compile, debug, and run applets and applications that you’ve written using the Java programming language. JDK has as its primary components a collection of programming tools, including javac, jar, and the archiver, which packages related class libraries into a single JAR file. This tool also helps manage JAR files, javadoc — the documentation generator, which automatically generates documentation from source code comments, jdb — the debugger, jps — the process status tool, which displays process information for current Java processes, javap — the class file disassembler, and so many other components.
The JDK 64-bit also comes with a complete Java Runtime Environment, usually called a private runtime. It consists of a Java Virtual Machine and all of the class libraries present in the production environment, as well as additional libraries only useful to developers, and such as the internationalization libraries and the IDL libraries. Download Java Development Kit Offline Installer Setup 64bit for Windows
Contents of the JDK:
Development Tools
(In the bin/ subdirectory) Tools and utilities that will help you develop, execute, debug, and document programs are written in the JavaTM programming language.
Runtime Environment
(In the jre/ subdirectory) An implementation of the Java Runtime Environment (JRE) for use by the JDK. The JRE includes a Java Virtual Machine (JVM), class libraries, and other files that support the execution of programs written in the Java programming language.
Additional Libraries
(In the lib/ subdirectory) Additional class libraries and support files required by the development tools.
Demo Applets and Applications
(In the demo/ subdirectory) Examples, with source code, of programming for the Java platform. These include examples that use Swing and other Java Foundation Classes, and the Java Platform Debugger Architecture.
Sample Code
(In the sample subdirectory) Samples, with source code, of programming for certain Java API’s.
C header Files
(In the include/ subdirectory) Header files that support native-code programming using the Java Native Interface, the JVM Tool Interface, and other functionality of the Java platform. Download Java Development Kit Offline Installer Setup 64bit for Windows
Source Code
(In src.zip) Java programming language source files for all classes that make up the Java core API (that is, source files for the java.*, javax.* and some org.* packages, but not for com.sun.* packages). This source code is provided for informational purposes only, to help developers learn and use the Java programming language. These files do not include platform-specific implementation code and cannot be used to rebuild the class libraries. To extract these files, use any common zip utility. Or, you may use the Jar utility in the JDK’s bin/ directory: jar xvf src.zip.
Also Available: Download Java Development Kit for Mac
Download Java Development Kit (64-bit) Latest Version
Java Runtime Environment (JRE) allows you to play online games, chat with people around the world, calculate your mortgage interest, and view images in 3D, just to name a few. It’s also integral to the intranet applications and other e-business solutions that are the foundation of corporate computing.
It provides the libraries, the Java Virtual Machine, and other components to run applets and applications written in the Java programming language. In addition, two key deployment technologies are part of the JRE: Java Plug-in, which Enables Applets to Run in Popular Browsers; and Web Start, which deploys standalone applications over a network. Many cross-platform applications also require Java to operate properly.
It is a programming language and computing platform first released by Sun Microsystems in 1995. There are lots of applications and websites that will not work unless you have Java installed, and more are created every day.
The program is fast, secure, and reliable. From laptops to datacenters, game consoles to scientific supercomputers, cell phones to the Internet, Java is everywhere! It is at the heart of the digital lifestyle. It’s the platform for launching careers, exploring human-to-digital interfaces, architecting the world’s best applications, and unlocking innovation everywhere—from garages to global organizations.
- Java Virtual Machine (JVM): JRE includes a Java Virtual Machine (JVM), which is responsible for executing Java bytecode.
- Class Libraries: It includes a set of class libraries that provide a wide range of functionality for Java programs. These libraries include collections, I/O, networking, security, and many other features.
- Security: It provides a robust security model that ensures that Java programs run in a secure environment. It includes features such as sandboxing, code signing, and permission-based access control.
- Automatic Memory Management: It includes automatic memory management, which means that the JVM automatically manages the allocation and deallocation of memory for Java programs.
- Platform Independence: Java programs that run on JRE are platform-independent, which means that they can run on any platform that has JRE installed, regardless of the underlying hardware or operating system.
- Internationalization: It provides support for internationalization and localization, which allows Java programs to run in different languages and regions.
- Deployment: It provides an easy and convenient way to deploy Java programs on various platforms, such as desktops, servers, and mobile devices.
How to Use
- Install JRE: First, you need to download and install the latest version of JRE from the official Java website or FileHorse.
- Write Java code: Next, write Java code using any text editor or integrated development environment (IDE) like Eclipse, NetBeans, or IntelliJ IDEA.
- Compile Java code: Once you have written your Java code, you need to compile it into byte code using the Java compiler. You can do this by running the «javac» command in the command prompt or terminal.
- Run Java program: After compiling your Java code, you can run it using the «java» command in the command prompt or terminal. This will execute the Java Virtual Machine (JVM) and load your byte code.
- Test and debug: You can test and debug your Java program using various tools provided by the IDE or through the command prompt. This will help you find and fix any errors or bugs in your code.
- Distribute Java program: Finally, once you have tested and debugged your Java program, you can distribute it to others. You can package your code into a JAR (Java Archive) file and distribute it to others who have JRE installed on their computers.
What is Java Runtime Environment (JRE)?
A: Java Runtime Environment (JRE) is a software package that provides the necessary components to run Java programs. It includes the Java Virtual Machine (JVM), libraries, and other components required to run Java applications.
What is the difference between JRE and JDK?
A: JDK (Java Development Kit) is a software development kit that includes the JRE, along with other tools like compilers and debuggers that are needed to develop Java applications. JRE is used to run Java programs, while JDK is used to develop them.
Can I run Java applications without installing JRE?
A: No, you need to install JRE in order to run Java applications.
How do I check if JRE is installed on my computer?
A: You can check if JRE is installed on your computer by typing «java -version» in the command prompt or terminal. If JRE is installed, it will display the version information.
Is JRE free to use?
A: Yes, JRE is free to use for personal and commercial purposes.
Can I install multiple versions of JRE on my PC?
A: Yes, you can install multiple versions of JRE on your computer. However, it is recommended to use the latest version of JRE to ensure security and performance.
Can I uninstall older versions of JRE after installing a new version?
A: Yes, you can uninstall older versions of JRE after installing a new version. It is recommended to keep only the latest version of JRE installed on your computer.
Do I need to update JRE regularly?
A: Yes, it is recommended to update JRE regularly to ensure security and performance. Java updates usually contain bug fixes, security patches, and performance improvements.
Why should I upgrade to the latest version?
A: The latest version contains important enhancements to improve the performance, stability, and security of the applications that run on your machine. Installing this free update will ensure that your applications continue to run safely and efficiently.
What will I get when I download software?
A: The Java Runtime Environment 64 bit (JRE desktop app) is what you get when you download software. The JRE consists of the Java Virtual Machine (JVM), Java platform core classes, and supporting Java platform libraries. The JRE is the runtime portion of the software, which is all you need to run it in your Web browser.
What is Java Plug-in software?
A: The program is a component of the (JRE). The JRE allows applets written in the programming language to run inside various internet browsers. The Plug-in software is not a standalone program and cannot be installed separately.
I have heard the terms Virtual Machine and JVM. Is this software?
A: The Virtual Machine is only one aspect of software that is involved in web interaction. The Java Virtual Machine is built right into your software download and helps run Java apps.
- OS: Windows 7, 8, 8.1, 10, 11, Windows Server 2012, Windows Server 2016, and Windows Server 2019
- Processor: It requires a minimum of a Pentium 2 266 MHz processor, although a faster processor is recommended for optimal performance.
- Memory: It requires a minimum of 128 MB of RAM, although a larger amount of RAM is recommended for running complex Java programs.
- Disk space: It requires a minimum of 124 MB of disk space for installation, although a larger amount of disk space is recommended for running Java programs.
- Display: It requires a minimum display resolution of 800 x 600 pixels, although a higher resolution is recommended for better display quality.
Overall, Java Runtime Environment (JRE) is a software environment that provides a runtime platform for running Java programs. It includes a Java Virtual Machine (JVM), class libraries, and other features that make it easy for developers to create and run Java applications.
JRE is a powerful and flexible platform that offers features such as platform independence, automatic memory management, security, and internationalization. This makes it an ideal choice for developing and running applications on various platforms, including desktops, servers, and mobile devices.
Note: When your installation completes, you may need to restart your browser (close all browser windows and re-open) to enable the installation.
Also Available: Download Java Runtime Environment for Mac
Download Java JRE 8 Update 211 (64-bit)
What’s New
- The northern edge of Chihuahua changes to US timekeeping.
- Much of Greenland stops changing clocks after March 2023.
- Fix some pre-1996 timestamps in northern Canada.
- C89 is now deprecated; please use C99 or later.
- Portability fixes for AIX, libintl, MS-Windows, musl, z/OS.
- In C code, use more C23 features if available.
- C23 timegm now supported by default.
- Fixes for unlikely integer overflows.
Previous release notes
Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.
Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 11.0.16) be used after the next critical patch update scheduled for October 18, 2022.
â HTTPS Channel Binding Support for Java GSS/Kerberos
Support has been added for TLS channel binding tokens for Negotiate/Kerberos authentication over HTTPS through javax.net.HttpsURLConnection.
The feature is controlled through a new system property jdk.https.negotiate.cbt which is described fully on the Networking Properties page.
â JDK Bundle Extensions Truncated When Downloading Using Firefox 102
On oracle.com and java.com, certain JDK bundle extensions are getting truncated on download when using Firefox version 102. The downloaded bundles have no file extension like «.exe», «.rpm», «.deb». If you are not able to upgrade to Firefox ESR 102.0.1 or Firefox 103 when it is released, then as a workaround you can:
- manually add a file extension to the file name after download.
- use a different browser
â Enable Windows Alternate Data Streams by default
The Windows implementation of java.io.File has been changed so that strict validity checks are not performed by default on file paths. This includes allowing colons (‘:’) in the path other than only immediately after a single drive letter. It also allows paths that represent NTFS Alternate Data Streams (ADS), such as «filename:streamname». This restores the default behavior of java.io.File to what it was prior to the April 2022 CPU in which strict validity checks were not performed by default on file paths on Windows. To re-enable strict path checking in java.io.File, the system property jdk.io.File.enableADS should be set to false (case ignored). This might be preferable, for example, if Windows special device paths such as NUL: are not used.
- JDK-8284920 Category: xml Subcategory: javax.xml.path Summary: Incorrect Token type causes XPath expression to return incorrect results
- JDK-8284548 Category:xml Subcategory: jaxpInvalid Summary: XPath expression causes StringIndexOutOfBoundsException
Java SE 11.0.15 Advanced — Bundled Patch Release (BPR) — Bug Fixes and Updates
- JDK-8221741 Category: client-libs Subcategory: 2d Description: ClassCastException can happen when fontconfig.properties is used
- JDK-8212904 Category: client-libs Subcategory: javax.swing Description: JTextArea line wrapping incorrect when using UI scale
- JDK-8282583 Category: xml Subcategory: jaxp Description: Update BCEL md to include the copyright notice
- JDK-8283350 Category: core-libs Subcategory: java.time Description: (tz) Update Timezone Data to 2022a
Previous release notes
â Support cross-realm MSSFU
â Customizing PKCS12 keystore Generation
Removed Features and Options
â Removed Root Certificates with 1024-bit Keys
Previous release notes
â -groupname Option Added to keytool Key Pair Generation
â Support for certificate_authorities Extension
The «certificate_authorities» extension is an optional extension introduced in TLS 1.3. It is used to indicate the certificate authorities (CAs) that an endpoint supports and should be used by the receiving endpoint to guide certificate selection.
With this JDK release, the «certificate_authorities» extension is supported for TLS 1.3 in both the client and the server sides. This extension is always present for client certificate selection, while it is optional for server certificate selection.
Applications can enable this extension for server certificate selection by setting the jdk.tls.client.enableCAExtension system property to true. The default value of the property is false.
Note that if the client trusts more CAs than the size limit of the extension (less than 2^16 bytes), the extension is not enabled. Also, some server implementations do not allow handshake messages to exceed 2^14 bytes. Consequently, there may be interoperability issues when jdk.tls.client.enableCAExtension is set to true and the client trusts more CAs than the server implementation limit.
â POSIX_SPAWN Option on Linux
As an additional way to launch processes on Linux, the jdk.lang.Process.launchMechanism property can be set to POSIX_SPAWN. This option has been available for a long time on other *nix platforms. The default launch mechanism (VFORK) on Linux is unchanged, so this additional option does not affect existing installations.
POSIX_SPAWN mitigates rare pathological cases when spawning child processes, but it has not yet been excessively tested. Prudence is advised when using POSIX_SPAWN in productive installations.
â Support for X25519 and X448 in TLS
The named elliptic curve groups x25519 and x448 are now available for JSSE key agreement in TLS versions 1.0 to 1.3, with x25519 being the most preferred of the default enabled named groups. The default ordered list is now:
x25519, secp256r1, secp384r1, secp521r1, x448, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192
The default list can be overridden by using the system property jdk.tls.namedGroups.
â jarsigner Preserves POSIX File Permission and symlink Attributes
When signing a file that contains POSIX file permission or symlink attributes, jarsigner now preserves these attributes in the newly signed file but warns that these attributes are unsigned and not protected by the signature. The same warning is printed during the jarsigner -verify operation for such files.
Note that the jar tool does not read/write these attributes. This change is more visible to tools like unzip where these attributes are preserved.
â Oracle JDK11u for Solaris Now Requires harfbuzz to be Installed
Oracle JDK-11.0.10 and later for Solaris 11 requires that the OS provide the package library/desktop/harfbuzz as part of the system installation. This package is provided for Solaris 11.3 and later.
This is a desktop library, but the font processing it does is part of some common backend server workloads. It should always be considered as required.
If this library is missing, then the pkg mechanism will require it during installation of the JDK. If installing the JDK by using a tar.gz bundle (for example) and the library/desktop/harfbuzz package is missing, a runtime link failure will occur when this package is needed.
JDK-8251907 (not public)
â JDK time-zone data upgraded to tzdata2020d
The JDK update incorporates tzdata2020d. The main change is
Palestine ends DST earlier than predicted, on 2020-10-24.
â JDK time-zone data upgraded to tzdata2020c
The JDK update incorporates tzdata2020c. The main change is
Fiji starts DST later than usual, on 2020-12-20.
â US/Pacific-New Zone Name Removed as Part of tzdata2020b
Information regarding this update can be viewed at https://mm.icann.org/pipermail/tz-announce/2020-October/000059.html.
â Weak Named Curves in TLS, CertPath, and Signed JAR Disabled by Default
- Weak named curves are disabled by default by adding them to the following disabledAlgorithms security properties: jdk.tls.disabledAlgorithms, jdk.certpath.disabledAlgorithms, and jdk.jar.disabledAlgorithms. The named curves are listed below.
- With 47 weak named curves to be disabled, adding individual named curves to each disabledAlgorithms property would be overwhelming. To relieve this, a new security property, jdk.disabled.namedCurves, is implemented that can list the named curves common to all of the disabledAlgorithms properties. To use the new property in the disabledAlgorithms properties, precede the full property name with the keyword include. Users can still add individual named curves to disabledAlgorithms properties separate from this new property. No other properties can be included in the disabledAlgorithms properties.
- To restore the named curves, remove the include jdk.disabled.namedCurves either from specific or from all disabledAlgorithms security properties. To restore one or more curves, remove the specific named curve(s) from the jdk.disabled.namedCurves property.
- Curves that are disabled through jdk.disabled.namedCurves include the following: secp112r1, secp112r2, secp128r1, secp128r2, secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, secp224r1, secp256k1, sect113r1, sect113r2, sect131r1, sect131r2, sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, X9.62 c2tnb191v1, X9.62 c2tnb191v2, X9.62 c2tnb191v3, X9.62 c2tnb239v1, X9.62 c2tnb239v2, X9.62 c2tnb239v3, X9.62 c2tnb359v1, X9.62 c2tnb431r1, X9.62 prime192v2, X9.62 prime192v3, X9.62 prime239v1, X9.62 prime239v2, X9.62 prime239v3, brainpoolP256r1, brainpoolP320r1, brainpoolP384r1, brainpoolP512r1
- Curves that remain enabled are: secp256r1, secp384r1, secp521r1, X25519, X448. See JDK-8233228
â Support for Kerberos Cross-Realm Referrals (RFC 6806)
- The Kerberos client has been enhanced with the support of principal name canonicalization and cross-realm referrals, as defined by the RFC 6806 protocol extension.
- As a result of this new feature, the Kerberos client can take advantage of more dynamic environment configurations and does not necessarily need to know (in advance) how to reach the realm of a target principal (user or service).
- Support is enabled by default and 5 is the maximum number of referral hops allowed. To turn it off, set the sun.security.krb5.disableReferrals security or system property to false. To configure a custom maximum number of referral hops, set the sun.security.krb5.maxReferrals security or system property to any positive value.
What’s New
â Marlin Renderer in JDK 8u
â Context-specific Deserialization Filter Subset
Allow applications to configure context-specific and dynamically-selected deserialization filters via a JVM-wide filter factory that is invoked to select a filter for each deserialization stream. The behavior is a strict subset of JEP 415: Context-Specific Deserialization Filters to allow a filter factory to be configured using a property configured on the command line or in the security properties file.
The behavior is opt-in based on the presence of the jdk.serialFilterFactory system property on the command line or the jdk.serialFilterFactory security property. If set, the JVM-wide filter factory selects the filter for each stream when the stream is constructed and when a stream-specific filter is set.
The JVM-wide filter factory is a java.util.function.BinaryOperator function invoked when each ObjectInputStream is constructed and when the stream-specific filter is set using sun.misc.ObjectInputFilter.Config.setObjectInputFilter(sun.misc.ObjectInputFilter). The parameters are the current filter and a requested filter and the function returns the filter to be used for the stream. When invoked from the ObjectInputStream constructors, the first parameter is null and the second parameter is the static JVM-wide filter. When invoked from sun.misc.ObjectInputFilter.Config.setObjectInputFilter(sun.misc.ObjectInputFilter), the first parameter is the filter currently set on the stream (which was set in the constructor), and the second parameter is the filter requested.
A typical filter factory should use or merge the static JVM-wide filter with other application and context specific filters and the stream-specific filter, if one is set on the stream. The filter factory implementation can also use any contextual information at its disposal, for example, extracted from the application thread context, or its call stack, to compose and combine a new filter. It is not restricted to only use its two parameters.
Previous release notes
Allow SASL Mechanisms to Be Restricted
- A security property named jdk.sasl.disabledMechanisms has been added that can be used to disable SASL mechanisms. Any disabled mechanism will be ignored if it is specified in the mechanisms argument of Sasl.createSaslClient or the mechanism argument of Sasl.createSaslServer. The default value for this security property is empty, which means that no mechanisms are disabled out-of-the-box.
SunPKCS11 Provider Upgraded with Support for PKCS#11 v2.40
- The SunPKCS11 provider has been updated with support for PKCS#11 v2.40. This version adds support for more algorithms such as the AES/GCM/NoPadding cipher, DSA signatures using SHA-2 family of message digests, and RSASSA-PSS signatures when the corresponding PKCS11 mechanisms are supported by the underlying PKCS11 library.
New Checks on Trust Anchor Certificates
- New checks have been added to ensure that trust anchors are CA certificates and contain proper extensions. Trust anchors are used to validate certificate chains used in TLS and signed code. Trust anchor certificates must include a Basic Constraints extension with the cA field set to true. Also, if they include a Key Usage extension, the keyCertSign bit must be set.
- A new system property named jdk.security.allowNonCaAnchor has been introduced to restore the previous behavior, if necessary. If the property is set to the empty String or «true» (case-insensitive), trust anchor certificates can be used if they do not have proper CA extensions.
- The default value of this property, if not set, is «false».
- Note that the property does not apply to X.509 v1 certificates (since they don’t support extensions).
- This property is currently used by the JDK implementation. It is not guaranteed to be supported by other Java SE implementations.
Exact Match Required for Trusted TLS Server Certificate
- A TLS server certificate must be an exact match of a trusted certificate on the client in order for it to be trusted when establishing a TLS connection.
Added LuxTrust Global Root 2 Certificate
+ LuxTrust
+ luxtrustglobalroot2ca
DN: CN=LuxTrust Global Root 2, O=LuxTrust S.A., C=LU
Support for OpenType CFF Fonts
- Previously, Oracle JDK 8 did not include OpenType CFF fonts (.otf fonts) into the standard logical fonts (such as «Dialog» and «SansSerif»). This resulted in missing glyphs when rendering text. In the most extreme cases where only CFF fonts were installed on the system, a Java exception could be thrown.
- Several Linux distributions were affected by this issue because they rely on CFF fonts to support some languages, which is common for CJK (Chinese, Japanese, and Korean) languages.
- Oracle JDK 8 now uses these CFF fonts, and this issue has been resolved.
Better Serial Filter Handling
- The jdk.serialFilter system property can only be set on the command line. If the filter has not been set on the command line, it can be set can be set with java.io.ObjectInputFilter.Config.setSerialFilter. Setting the jdk.serialFilter with java.lang.System.setProperty has no effect.
If you are looking for previous Java versions here are the links to download:

