Matching Leopard update also available

(Updated with Leopard patch info) Apple has released a first official Java update for Mac OS X Snow Leopard. Little information is available, but the patch does push Java SE 6 to v1.60_17, and include various "reliability, security and compatibility" fixes. Downloaders must be running Mac OS X 10.6.2 or later.

Several security problems have been addressed, including ones with Java 1.6.0_15 which could allow an untrusted applet to gain elevated privileges. A malicious applet could theoretically launch from a webpage, executing code with all of a visitor's normal privileges. A separate code flaw treats an expired applet certificate as valid, defeating a basic security barrier.

Update: Apple has also posted a matching update for Mac OS X Leopard. It contains all of the same fixes, but further upgrades J2SE 5.0 to v1.5.0_22. The patch is a 122MB download for systems running Mac OS X 10.5.8.

by MacNN Staff