toggle

AAPL Stock: 102.64 ( + 1.58 )

Printed from http://www.macnn.com

Java for Snow Leopard, Lion and Mountain Lion updated over security

updated 10:30 pm EDT, Tue October 15, 2013

Apple-provided update fixes issues, uninstalls the old Apple Java applet plug-in

For the fifth time this year, Apple has had to issue an update to Java for all three supported versions of OS X: Snow Leopard (10.6), Lion (10.7) and Mountain Lion (10.8). As has become the norm, the update was issued due to the discovery of "multiple vulnerabilities" in Java 1.6.0_51. The cross-platform development technology has been updated to version 1.6.0_65, and is referred to in Software Update as "Java for Mac OS X 10.6 Update 17" for Snow Leopard and "Java for OS X 2013-005" for newer systems.

The flaws vary in risk, but the most serious of the problems "may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user," report Apple. The company has been forced to disable Java multiple times owing to serious security issues over the past two years, and stopped distributing Java with new Macs in 2010 over the same sort of issues.

Users who are dependent on Java for things like web applications and games must stay ever-vigilant for new updates, either directly from Oracle (the current maintainer of Java following its purchase of Sun Microsystems) or through Apple's Software Update. Apple's software now automatically disables Java entirely if it hasn't been used in the past 30 days, and will warn users of risks or outright block the use of outdated versions of Java.

The new update notes that it is uninstalling the (outdated) Apple-provided Java applet plug-in from all web browsers in favor of the new install. Java has risen to become by far the most popular source of vulnerabilities for malware on the Mac to exploit, though Apple's aggressive efforts to disable it unless the very latest version is installed and used has kept incidents of malware very low and still rare.

The latest release notes for Java 1.6.0_65 reveal that it plugs some 38 separately-reported issues. The update is also available through Apple's Support Downloads web page.





by MacNN Staff

toggle

Comments

  1. pairof9s

    Mac Enthusiast

    Joined: 01-03-08

    It should be noted that Oracle released their update version for Mac yesterday as well, Java 7 Update 45.

    http://download.oracle.com/otn-pub/java/jdk/7u45-b18/jdk-7u45-macosx-x64.dmg

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Patriot Supersonic Rage XT 128GB USB drive

USB thumb drives are getting larger by the day, their growth speeding along with the availability and expansion of memory chips. But h ...

Autodesk Smoke 2015

Since May of this year, Autodesk has been shipping the highly anticipated update to its high-end post-production video editing suite, ...

Crucial MX100 256GB SATA-3 SSD

While the price-per-gigabyte ratio for magnetic platter-based hard drives can't be beat, the speed that a SSD brings to the table for ...

toggle

Most Commented