Announcing major ColdFusion 2025 update of May 20 2026 - thoughts and resources
A substantial new CF update for CF2025 has been released today, May 20, 2026. It's unique/important, in many ways:
About the coming (massive) CF2025 "AI update", prerelease links and more
If you haven't heard, Adobe is planning to release soon a massive update to CF2025 (not a "CF2026": more on that below). The update adds not only AI features but more, including language features, security features, PMT enhancements, and more. (Note also that the AI features are optional, so don't let that keep you from considering it.)
In this post, I point out how one can participate in the prerelease (including seeing its substantial docs and obtaining the prerelease update adding the new features). I can't share news of what's IN the new version, per the info available in those prerelease docs. But in a follow-on post I will offer links to the recordings of several recent Adobe webinars, from mid-April 2026, where Adobe CF team members shared several hours of presentations about what's coming (again on more than just the new AI features).
Here are the topics I cover in this post:
Announcing Java updates of Apr 21 2026 - thoughts and resources
It's that time again: there are new Oracle JVM updates released today (Apr 21, 2026) for the current long-term support (LTS) releases of Oracle Java 25, 21, 17, 11, and 8, as well as the newest short-term release, 26. (Yep, kind of crazy that there are for now 5 current Oracle Java "LTS" releases, for historical reasons.)
TLDR: The new updates are 26.0.1, 25.0.3, 21.0.11, 17.0.19, 11.0.31, and 1.8.0_491 (aka 8u491) respectively. The update seems a pretty modest one, without seeming breaking changes (though my opinion is based solely on my read of the update release notes, in this first day).
More on the updates below, including links to more info on each of them including what changed, bug fixes, and the security fixes each version contains. (I also offer a quick assessment of the changes listed for the updates.)
Also, openjdk updates are usually released at the same time or soon after, so this info may help users of such alternative JDK implementations.
For some folks, the above is all they need to hear. For others, whether this your first time updating Java or your fiftieth, there are some things that you may or may not know, as I cover here.
Announcing ColdFusion updates of Apr 14 2026 - p1 security update - thoughts and resources
An update for ColdFusion has been released, Apr 14 2026, for each of cf2025 (as its update 7) and cf2023 (as its update 19). In brief, this update is classed by Adobe as a P1 (Priority 1, "Critical") security update. Then again, the security bulletin (link below) indicates as of today that, "Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates."
(This is the second update since CF2021 has reached its end of life as I blogged previously, which is something folks running that should beware. You are now QUITE exposed to things fixed in these two updates, for which there is no fix for you.)
In this post, I share the details about the update (from Adobe and from others). I also share additional info you may want to consider before (or after) doing the update.
For more, read on.
Announcing Java updates of Jan 20 2026 - thoughts and resources
It's that time again: there are new Oracle JVM updates released today (Jan 20, 2026) for the current long-term support (LTS) releases of Oracle Java, 8, 11, 17, 21, and 25. (Yep, kind of crazy that there are for now 5 current Oracle Java "LTS" releases, for historical reasons.)
TLDR: The new updates are 1.8.0_481 (aka 8u481), 11.0.30, 17.0.18, 21.0.10, and 25.0.2, respectively. More on the updates below, including links to more info on each of them including what changed, bug fixes, and the security fixes each version contains. (I also offer a quick assessment of the changes listed for the updates.)
Also, openjdk updates are usually released at the same time or soon after, so this info may help users of such alternative JDK implementations.
For some folks, the above is all they need to hear. For others, whether this your first time updating Java or your fiftieth, there are some things that you may or may not know, as I cover here.
Announcing ColdFusion updates of Jan 13 2026 - p1 security update - thoughts and resources
An update for ColdFusion has been released, Jan 13 2026, for each of cf2025 (as its update 6) and cf2023 (as its update 18). (This is the first update since CF2021 has reached its end of life as I blogged previously, so this is the first cf update NOT available for cf2021, which is something folks running that should beware.)
In brief, this update (for both versions) addresses a P1 (Priority 1, "Critical") security vulnerability, related to the Apache Tika java framework which Adobe embeds for certain processing with CF.
Before proceeding, it's of some concern to note that unlike recent CF security updates, Adobe does NOT report (in the APSB, linked to below) that they are, "not aware of any exploits in the wild for any of the issues addressed in these updates." That omission would seem to imply that they ARE aware of this vuln being exploited, which raises the urgency of getting it applied. (It also raises the concern all the more for those on CF2021 or earlier, for whom Adobe will no longer offers ANY updates, including security updates.)
In this post, I share the details about the update (from Adobe and from others). I also share additional info you may want to consider before (or after) doing the update.
For more, read on.
