Oracle will release a new version of Java on Tuesday that will include 42 security fixes and will make changes to how Web-based Java content will be presented inside browsers. Thirty-nine of the vulnerabilities patched by the new Java 7 Update 21 (7u21) can be exploited remotely without authentication, Oracle said in a pre-release announcement. Some of them have the maximum score on the CVSS 2.0 scale used by Oracle to rate the severity of vulnerabilities.