Oracle warns of a critical Java vulnerability affecting Java SE running in web browsers. An attacker can take over a client if the user visits a malicious web page with Java SE enabled in the web browser [1].
The following supported Java SE versions are affected: 7u97, 8u73, 8u74
Airlock WAF is not affected because the vulnerability affects only Java SE running in web browsers.
We strongly recommend to update all client installations of Java - or even better un-installing Java from clients where it is not needed.