An anonymous reader quotes BleepingComputer: Oracle says that starting with April 18, 2017, Java will treat all JAR files signed with the MD5 algorithm as unsigned , meaning they’ll be considered insecure and blocked from running. Oracle originally planned MD5’s deprecation for the current Critical Patch Update, released this week, which included a whopping 270 security fixes , one of the biggest security updates to date.