toggle

AAPL Stock: 100.53 ( + 1.37 )

Subscribe to this page now.

Java support for Windows XP ended in April, no more supported updates

07/06, 4:50pm

Company no longer issuing platform fixes, security updates continue until April 2015

When the next quarterly update to Java rolls around later this month, Oracle says it won't include support for Windows XP users. The critical patch update, scheduled for July 15, updates Java 7 and Java 8 for newer Microsoft operating systems from Vista up to Windows 8. The choice to use Java on XP is left up to users because of the potential risk involved.

more

Appeals court: Java APIs copyrightable, Google vs. Oracle overturned

05/09, 11:43am

Next step for Android case either Supreme Court or retrial

The US Court of Appeals for the Federal Circuit in Washington, DC has overturned the Google vs Oracle court case, finding that Java APIs are subject to copyright protection. Reuters' Dan Levine was the first to break the news with a tweet on the ruling. The trial is now likely to head back to the Northern District of California for a second attempt, or see hearings before the US Supreme Court upon further appeal.

more

Appeals court may reverse Google win in Oracle's Android lawsuit

12/04, 2:33pm

Court appears skeptical of Judge William Alsup ruling

The US Court of Appeals for the Federal Circuit in Washington, DC, appears to be siding with Oracle in the company's lawsuit against Google over Android APIs. A formal ruling has yet to be handed down, however Reuters' Dan Levine and The Recorder's Scott K. Graham, both in attendance at today's hearing, published Twitter posts suggesting that the appeals court is likely to reverse Google's earlier win.

more

Java for Snow Leopard, Lion and Mountain Lion updated over security

10/15, 10:30pm

Apple-provided update fixes issues, uninstalls the old Apple Java applet plug-in

For the fifth time this year, Apple has had to issue an update to Java for all three supported versions of OS X: Snow Leopard (10.6), Lion (10.7) and Mountain Lion (10.8). As has become the norm, the update was issued due to the discovery of "multiple vulnerabilities" in Java 1.6.0_51. The cross-platform development technology has been updated to version 1.6.0_65, and is referred to in Software Update as "Java for Mac OS X 10.6 Update 17" for Snow Leopard and "Java for OS X 2013-005" for newer systems.

more

New Mountain Lion, Safari, iTunes, Java builds seeding internally

10/02, 12:23pm

Safari update brings parity with version in Mavericks

Apple is distributing new pre-release builds of iTunes, Safari, Java, and the OS X 10.8.5 Supplemental Update amongst employees, a report says. The Supplemental Update is said to have reached build 12F45, as opposed to the 12F42 code seen during an initial leak. Safari 6.1 is meanwhile up to build 537A134.

more

Apple blocks Java plug-in once again over security issues

08/29, 8:30pm

Keeping Java up-to-date can help avoid inconvenience

For at least the third time this year, Apple has blocked the Java 6 and Java 7 plug-ins on Macs due to "multiple security issues" in versions older than the most current. The update causes Java 6 installations older than update 51 to stop working, and for Java 7 versions older than update 25 are blocked. Java, which is not to be confused with programming language JavaScript, has been plagued with security issues for years.

more

Wireless carriers counter-hack SIM card Java flaw, updating encryption

08/01, 11:44pm

Carriers update SIM cards with Java flaw, preventing costly recall

By exploiting the same Java-based flaw that caused the problem in the first place, most major wireless carriers have fixed a critical problem with SIM cards crucial to mobile phones that could have revealed personal data from cellphones to malicious parties. The counter-hack saved the wireless industry millions of dollars that it would have cost to replace all the affected SIM cards.

more

Firefox 22 supports 'high-intensity' JavaScript content, WebRTC calls

06/25, 1:26pm

WebRTC toggled on by default

Mozilla has posted the public release of Firefox 22, an important update of its multi-platform web browser. The app incorporates a new JavaScript subset, asm.js, which Mozilla says should let developers create "high-intensity" web apps such as 3D games and photo editors without extra plugins. The update also by default enables WebRTC, a protocol that supports voice and video calls as well as filesharing.

more

Online Apple Store, Apple Java update beset by technical problems

06/24, 9:24am

Early Java update may be faulty

Two significant technical problems hit Apple over the weekend, accounts say. The first is the discovery that early installers of last week's Lion/Mountain Lion Java update may have downloaded a premature build, xM4508, which can prevent some Java apps from working. The corrected version is xM4509, and is available via Software Update or Apple's support page. People can check which build they have installed by entering "/usr/libexec/java_home -v 1.6 -exec java -version" into Terminal.

more

Apple issues Java updates for Snow Leopard, Lion, Mountain Lion

06/18, 4:38pm

Updates fix security, stability, and compatibility problems

Apple has posted twin Java updates for OS X, Java for OS X 2013-004 and Mac OS X v10.6 Update 16. Both deal with security, stability, and compatibility flaws. The first is targeted at Lion and Mountain Lion users, while the second is for Snow Leopard only.

more

Finished OS X 10.8.4 update fixes problems with Wi-Fi, Exchange

06/04, 5:04pm

Includes Safari 6.0.5

Apple has released a completed v10.8.4 update for OS X Mountain Lion. The release solves numerous issues, such as compatibility problems when connecting to enterprise Wi-Fi networks, and support for Microsoft Exchange in Calendar. FaceTime calls should now properly connect to non-US phone numbers, and Macs should go to sleep after using Boot Camp.

more

Forums: who's to blame, Safari or Java?

04/19, 1:53pm

Who's to blame, Safari or Java?

Yesterday in the MacNN forums, "cgc" was trying to figure out why they were having problems with certain websites after updating Safari and Java. Also yesterday, Professional Poster "badidea" was having a problem with the cursor remaining on screen while the iTunes visualizer is playing.

more

Apple adds site-specific controls to Java, updates Safari

04/16, 7:45pm

Restores more user control to Java web plug-in

Apple on Tuesday updated both Java and its web browser Safari for users of OS X 10.6.8 (Snow Leopard) and higher. The updates now allow users to enable the Java web plug-in on a site-by-site basis, as opposed to the "active" or "inactive" options it had previously. Following a spate of serious issues, Apple forcibly disabled the Java plug-in because of malicious, in-use threats -- though users could reactivate Java once they updated.

more

Briefly: older Java blocked, Draftcode for iPad, iSkin slims

03/07, 1:45am

Apple now blocking older versions of Java 6, 7

Due to multiple and in-use vulnerabilities that are actively affecting user systems, Apple has taken the step of blocking the web plug-ins for all older versions of Java 6 and 7. Browsers on Snow Leopard, Lion and Mountain Lion that don't include their own built-in versions of the Java plug-in must be updated to the current version, which is update 17 for Java SE 7 and update 43 for Java SE 6. Java is not installed on modern Macs by default, and disabled automatically if not used for 31 days or more even if installed. The move does not affect local installations of Java, only the web plug-in.

more

Oracle, Apple update Java to fix newly-discovered exploits

03/04, 4:51pm

Five more vulnerabilities discovered

Oracle has released a new version of Java 7, Update 17. The patch is being released early, Oracle says, to cope with a security hole that is being "actively exploited by attackers to maliciously install the McRat executable onto unsuspecting users machines." The vulnerability was made public late last week. It also fixes a second, previously undocumented flaw, believed to be likewise connected to Java SE's 2D component.

more

Researchers discover new, in-use vulnerability in Java

03/01, 4:06pm

Real-world malware called inconsistent

A new vulnerability has been discovered in the latest versions of Java, v1.6 Update 41 and v1.7 Update 15, say researchers from security firms FireEye and Kaspersky Lab. Critically the bug is already being exploited in order to download and install a remote access tool, "McRAT," on targeted computers. The malware is being spread through a JPG file hosted on a Japanese website.

more

Oracle updates Java again to close serious security flaws

02/20, 1:26pm

Third emergency update may be the charm for recent malware issues

Oracle has once again released an updated version of Java SE 7 in order to combat serious vulnerabilities that have resulted in malware attacks on both Macs and Windows PCs. The new version, Update 15, comes less than three weeks after the previous patch, and follows an Apple-issued update to Java SE 6 in the wake of hacker attacks against Apple's own employees' work Macs. The new update is said by Oracle to "enhance security" as well as improve performance and stability.

more

Apple issues promised post-attack Java update

02/19, 4:55pm

Lion, Mountain Lion, Snow Leopard get Java SE 6 fixes

Apple has released a promised Java update in the wake of an attack by Chinese hackers. The patch is available in two versions, for Lion/Mountain Lion and Snow Leopard. In both cases the code should bring Java SE 6 up to v1.6.0_41.

more

Briefly: iPad mini ship times, OS X bug, Java 10.6 update

02/04, 12:33am

Shipping for iPad mini orders drops to 1-3 days

Roughly ten days after it last updated iPad mini ship times, Apple has dropped the wait again -- indicating that availability is improving. While still not achieving what CEO Tim Cook calls "supply/demand balance" (which generally translates into a shipping status of "in stock" or available for immediate shipping), the delay has now dropped to 1-3 business days in the US and Canadian stores, down from the 3-5 day delay recently advertised. The iPad mini has been heavily in-demand since release, and in-store supplies are still constrained.

more

Oracle issues Java 7 Update 13 early to fix vulnerabilities

02/01, 5:06pm

Java resumes working in OS X

Oracle has released Java 7 Update 13. In an announcement, Oracle explains that the update was originally slated to go live February 19th, but that it was pushed out early because of "active exploitation in the wild of one of the vulnerabilities affecting the Java Runtime Environment (JRE) in desktop browsers." In all the code fixes 50 security holes; 44 of these are said to have been browser-only.

more

Stealth OS X update once again blocks use of Java

01/31, 11:06am

Normal use waiting on Oracle update

Apple is once again blocking the use of the Java web plug-in in OS X, reports say. The company has issued a silent update to OS X's anti-malware system which sets the minimum version of Java beyond the current Mac release, Java 7 Update 11. As a consequence, Java can't be used in web browsers on Macs until Oracle issues its next patch. The step may back (or be based on) views that Java continues to have serious security flaws.

more

Apple quietly blocks Java 7 in OS X [U]

01/11, 3:20pm

Blacklist requires unreleased version of Java for plugin to work

[Update: Mozilla joins in, FBI issues warning, fix coming] Apple has disabled the Java 7 browser plug-in on Macs through an updated OS X blacklist file, notes MacRumors. Recently a major security vulnerability was discovered in Java 7, one already being exploited in malware. In response, Apple has silently pushed an updated Xprotect.plist file to OS X users, setting an as-yet-unreleased v1.7.0_10-b19 as the minimum version of Java required for unrestricted operation.

more

Java zero-day exploit seen in malicious advertising

01/10, 4:29pm

Vulnerability found in Java 7 Update 10

A previously unknown vulnerability in Java is being used online by hackers, according to security researchers. The 0-day exploit has also reportedly been included in two malware toolkits used by hackers, with the best form of protection currently being to turn off the Java plug-in for all browsers until the hole is patched.

more

Apple promotes Java 6 SE fix through Software Update

10/16, 7:22pm

Patches zero-day exploit for Snow Leopard, Lion, ML

Though recent versions of OS X no longer ship with a Java plug-in -- and Apple has ceased developing its own versions and left compatibility to Java owner Oracle -- the company is pushing an updated version of Oracle's latest release of Java SE 6 (version number 1.6.0 build 37) through its own Software Update mechanism. The update fixes a critical "zero-day" exploit reported at the end of last month and is available as separate releases for OS X 10.6, and OS X 10.7 and higher.

more

Oracle files appeal of precedent-setting Java API trial

10/04, 7:00pm

Oracle must overcome both 'fair use' and non-patentable API issues

At the end of the day on Wednesday, and months after the surprise close of the trial, Oracle filed with the United States District Court for the Northern District of California a notice of appeal of Judge William Alsup's decision in the Java patent trial with Google. Oracle is contesting the decision based on Judge Alsup's ruling of the Java API being non-patentable.

more

New Java zero-day exploit puts Macs, PCs at risk

09/26, 6:30pm

Fault is in all supported versions of Java, Oracle notified

Users of Macs that are still running older OS versions such as Snow Leopard and earlier, as well as those running newer OS versions but have installed Java on their own, are advised to turn off the Java functionality in both their browser and system, thanks to a critical new flaw found in all currently-supported versions of Java, including the latest ones. The bug allows attackers to bypass security features and install malware on Macs or Windows machines that have Java installed and active. All versions from Java 5 on up are affected by the flaw.

more

Adobe deploys new Edge tools, services

09/24, 9:25pm

Package mix of new, updated, renamed tools

At Adobe's Create the Web event in San Francisco today, Adobe unveiled its newly-renamed Edge suite of JavaScript, HTML5, and CSS3 tools and services. Amongst the new offering are Adobe Edge Animate, Adobe Edge Inspect, and Adobe PhoneGap Build. Adobe has also given users a preview of Adobe Edge Code with the new release.

more

Apple issues new Lion, Snow Leopard Java updates

09/05, 3:48pm

Patches disable always-on Java support

Apple has posted two new OS X Java updates: one for Lion, Java for OS X 2012-005, and one for Snow Leopard, Java for Mac OS X 10.6 Update 10. In both cases the patches now prevent Java from running in an always-on state. The Java plugin is killed if no applets have been run for an "extended period of time;" in fact, if Java for OS X 2012-004 wasn't previously installed, 005 disables Java by default until a person choose to enable or re-enable a Java plugin in their browser.

more

Apple denies handing over UDIDs to FBI

09/05, 1:57pm

Says new APIs in iOS 6 will render UDID system obsolete

Apple has issued its own statement in response to a leaked list of 1 million UDIDs purportedly stolen from an FBI notebook. "The FBI has not requested this information from Apple, nor have we provided it to the FBI or any organization," spokeswoman Natalie Kerris tells AllThingsD. "Additionally, with iOS 6 we introduced a new set of APIs meant to replace the use of UDID and will soon be banning the use of UDID."

more

FBI: 'No evidence' that FBI notebook was source of UDIDs

09/05, 9:41am

Says it's 'totally false' that it was collecting iOS data

The FBI is denying any involvement in a list of leaked iOS UDIDs, according to official statements. "The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed," the agency tells AllThingsD. "At this time there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data."

more

Hackers claim 1 million iOS UDIDs taken from FBI [U]

09/04, 9:30am

User names, phone numbers, other data also allegedly leaked

[Update: FBI denies leaked data came from its equipment] A hacker group, Antisec, has released what it says is a list of one million iOS UDIDs pulled from an FBI notebook in March. The Dell Vostro reportedly belonged to Supervisor Special Agent Christopher K. Stangl from the FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team; his system was hacked using an AtomicReferenceArray vulnerability in Java, and during the attack Antisec says it downloaded a number of files, one of which was listed as "NCFTA_iOS_devices_intel.csv."

more

Oracle issues Java security patch

08/30, 4:36pm

Update 7 addresses hole ahead of planned update

Oracle has issued a patch to address a recently discovered security hole affecting Mac, Windows, and Linux users. The patch represents a rare early fix release, as Oracle was already slated to release a patch in October of this year. The patch is available for download at Java.com.

more

New Java 7 exploit affects OS X, Windows, Linux users

08/27, 6:36pm

Lion, Mountain Lion safeguards provide modest defense

A new security exploit in Java 7 is affecting Mac, Windows, and Linux users alike, according to an engineering manager for Metasploit, an open-source penetration testing framework. The vulnerability is described as "super dangerous," since an attack can be triggered simply by visiting a hacked or intentionally malicious website. OS X Lion and Mountain Lion do provide a modest level of protection, since Java isn't installed by default on the operating systems, which also ask users if they want to run the software.

more

Google discloses list of 'possible' astroturf writers

08/25, 3:47pm

Search giant does not admit it paid writers to comment on case

While Google continues to claim that it has not paid any writers to directly report or comment on the Oracle versus Google lawsuit, in response to a second judicial order the search engine and advertising giant has provided a list of individuals and groups who have commented on the case and have, possibly coincidentally, received money from the company. The list includes Google lawyer William Patry, Java creator James Gosling, and Computer and Communications Industry Association (CCIA) overseer Ed Black.

more

Cross-platform 'Crisis' malware hits Windows, OS X, VMWare

08/22, 11:29pm

Windows Mobile devices possible vector of Java-based infection

Researchers from Kaspersky Lab have released a description of a new malware delivery platform capable of spreading itself and its payload to Windows, Mac OS X, VMWare virtual machines, and Windows Mobile devices. The "Crisis" trojan is capable of intercepting emails and instant messages, with a module to keep track of websites visited by the infected computer.

more

Judge: Google 'failed' to list astroturf writers

08/20, 2:30pm

Company must disclose paid writers by noon Friday

In the ongoing dispute between Google and Oracle over patents related to Android's use of Java code, US District Court Judge William Alsup last week ordered both parties to disclose any paid journalists, bloggers, pundits or other writers who may be writing opinion pieces with or without fully disclosing their relationship with the companies -- a practice known as "astro-turfing" since it mimics "grassroots" opinion.

more

Java SE 7 Update 6 brings SE7 to OS X

08/14, 5:09pm

Promises JRE downloads from Java.com 'soon'

Oracle has released a collection of new Java updates for OS X. The most important of these is Java SE 7 Update 6, which brings SE 7 to OS X for the first time. Matching an updated Java Runtime Environment is a new Java Development Kit, plus the JavaFX 2.2 rich client platform and JavaFX Scene Builder.

more

Oracle versus Google 'fair use' legal fight heading to DC?

07/18, 8:20pm

Judge Alsup unlikely to overturn his own rulings

Fresh off a triumph over Oracle in its Java plagiarizing dispute, Google has undertaken a potentially-risky maneuver by filing for a judgement as a matter of law (JMOL) ruling from Judge William Alsup on various unresolved issues from Oracle's copyright claims, and requests a hearing date of August 23. Given Alsup's comprehensive judgement on the matter, the next venue for the appeal is almost certainly the Federal appeals court in Washington, DC. Both Oracle and Google have requested the judge rule on a JMOL motion related to the unceremonious $0 dollar settlement marking the end of the trial.

more

Oracle settles for $0 in Java-Android patent case

06/21, 12:45am

Prescedent-setting trial expected to be appealed

The contentious Oracle lawsuit against Google's use of Java code in Android, which ended in a mixed and muted exoneration for Google, took another turn Wednesday as the two tech titans agreed to a zero-dollar award. Presiding Judge William Alsup only asked "is there a catch I need to be aware of." Oracle is filing a partial appeal with the Federal Circuit Court of Appeals, which could return portions of the suit to Alsup's courtroom later this year.

more

Jury clears Google of Oracle patent infringement claims

05/23, 4:10pm

Legal battle centers around copyright issues

A jury at the US District Court of Northern California has determined that Google has not infringed on six claims contained in two Oracle patents. The unanimous decision is viewed as a partial win for the search giant, however the company still faces potential damages in an earlier verdict that focused on copyright violations for a number of Java APIs.

more

Flashback-K malware breaks down; no payment for creators

05/20, 4:42pm

From 600,000 infections to 10,000; ad vendor won't pay

After possibly infecting up to 1.8 percent of the Macintosh population with a click-fraud macro through a Java vulnerability, the Flashback creators won't get paid despite their efforts, reports Computerworld. Following a coordinated security effort between antivirus vendors and security experts, remote malicious orders were blocked or prevented from effecting an estimated peak 600,000 infected computers. Apple joined the fray late, but provided patches and a removal tool for the malware.

more

Oracle: Google found Java subcontractors 'super shady'

05/14, 7:50pm

Noser engineers had Oracle install, copied freely

Oracle and Google continued the debate over how to proceed with the ongoing Java patent infringement suit. During the discussion and filing with the Judge William Alsup, Oracle presented a document summarizing why it is entitled to Google's profits from the case -- "super shady" contractors from Noser in Google's Android team. Google disputes the relevance of the filing.

more

Additional infringement charge added in Oracle vs. Google

05/11, 8:15pm

Trial continues, damages phase may start next week

It appears the Google versus Oracle legal skirmish regarding Java patentability is beginning to wind down. At the beginning of today's hearings, Judge William Alsup granted Oracle's request for a judgement as a matter of law (JMOL) in regards to eight files copied directly into Android from Oracle's code base, and awarded an additional copyright infringement to Oracle. The matters of "fair use" and willful violation have yet to be decided.

more

Jury partial verdict: Google infringed Oracle copyrights

05/07, 6:00pm

No decision on fair use, trial continues

The jury assigned to the Oracle versus Google lawsuit has returned a partial verdict. On the matter of API copyright infringement, Google has been found to have violated the sequence, structure, and organization of 37 Java API copyrights. However, whether or not the infringement was fair use remains to be decided, as the jury was unable to break through a previously reported impasse on the matter. Judge Alsop is not waiting for motions from either side, and is immediately moving forward with the next phase, the patent phase, of the trial.

more

Google v. Oracle judge reads part of sealed financial docs

05/06, 5:10pm

Large losses by Android group taken in FY2010

Judge William Alsup unexpectedly read portions from a previously-sealed Googledocument during a Thursday compensation hearing, a part of the company's ongoing legal battle with Oracle. While not disclosing specific figures, Alsup revealed that Google's Android mobile platform lost money in every quarter of 2010. Google does not release financial information about Android.

more

Apple preparing Java runtime shift to Oracle

05/04, 9:30pm

Getting out of its own version entirely

Apple is now preparing a pair of Java 6 runtime updates for OS X 10.6 and 10.7 that will mark the last Apple-custom versions of Java, handing over all future development and responsibility for Java on the Mac platform directly to Oracle. Apple had already stopped shipping a default version of Java with new Macs beginning with the release of Lion last summer, but had made in-house versions available to Lion users as well as continued supporting the Snow Leopard version.

more

Jury reaches partial verdict in Oracle vs Google

05/04, 8:23pm

Judge urges Oracle vs Google jury to reconvene

The jury in the Oracle vs. Google lawsuit has reached a partial verdict on three of four questions that they were required to consider as part of the copyright liability phase of the trial. The foreman said that a minority of the jury felt that more time would be helpful in reaching agreement on all four questions. Judge Alsup pointed out that the jurors did not need to reach a unanimous agreement on the fourth question, but the foreman told the Judge the impasse was on one of the three questions (embedded below) that required full agreement.

more

Google vs Oracle Java suit jury currently deadlocked

05/03, 10:35pm

20 hours of deliberation, no decision

After 20 hours of deliberations spread over four days, the jury responsible for the Google versus Oracle Java court battle has so far failed to reach a decision. A question posed to Judge William Alsup posed more questions as to the timely resolution of the trial -- a note passed to the judge by the jury asked what would happen if they couldn't reach a unanimous decision.

more

Java vet says Google 'slimed' Sun as Oracle trial phase ends

04/30, 2:05pm

Java vet docks Google for tactics with Java

Java pioneer James Gosling has criticized Google for the tactics it used in going without a Java license for Android. He argued that, despite former Sun chief Jonathan Schwartz saying Sun couldn't sue Google, the decision to skip a license still hurt the company. Google "totally slimed" Sun, and even Schwartz was tolerating the action rather than endorsing it.

more

Oracle to bring Java SE7 to Mac users later this year

04/27, 8:00pm

Now directly supplying JDK and JavaFX for OS X

Following the disruption caused by an unpatched vulnerability in Mac versions of Java SE 6 that played havoc with the Mac community for several weeks until Apple finally posted the patch, Oracle has announced that it will take the lead in supplying both Java SE 7 and its runtime environment to Mac users who need it. For developers, the Java SE 7 Update 4 and its JDK as well as JavaFX 2.1 are both available now for download, marking Oracle's first direct delivery) for Mac OS X.

more

MacNN Sponsor

MacNN Newsletter

FREE Apple, iPhone and Mac Newsletter

  • We will not share your email address with anyone.

    toggle

    Most Popular

    MacNN Sponsor

    Recent Reviews

    Life n Soul 8 Driver Bluetooth headphones

    When it comes to music on the go, consumers generally have some options to consider when looking for the best experience. While Blueto ...

    Pure Jongo T2 wireless speaker

    Multi-room audio compatibility is a key metric for wireless sound systems these days. The entry cost into a house-spanning system can ...

    Logitech Z213 multimedia speakers

    Desktop computer speakers sit in a weird area of limbo: many consumers have forgone the era of desktop listening for the privacy and v ...

    toggle

    Most Commented