#ORACLE JAVA UPDATE FOR MAC SOFTWARE#
If you normally browse the Web with Firefox, for example, consider disabling the Java plugin in Firefox (from the Add-ons menu, click Plugins and then disable anything Java related, and restart the browser), and then using an alternative browser ( Chrome, IE9, Safari, etc.) with Java enabled to browse only the site that requires it.Īpple stopped bundling Java by default in OS X 10.7 (Lion), it offers instructions for downloading and installing the software framework when users access webpages that use it. In this case, I would suggest a two-browser approach.
If you primarily use Java because some Web site, or program you have on your system - such as OpenOffice or Freemind - requires it, you can still dramatically reduce the risk from Java attacks just by disabling the plugin in your Web browser. Mac users can use the Software Update feature to check for any available Java updates. Windows users can find out if they have Java installed and which version by visiting and clicking the “Do I have Java? link. The reason I say this is that Java requires constant patching, and it appears to be the favorite target of attackers these days. Regardless of which operating system you use, if you have Java installed, I would advise you to update it, neuter it or remove it as soon as possible. It’s unclear whether those other three flaws simply don’t exist in the Mac version of Java, but we’ll take progress where we can get it. Apple’s Java update brings Java on the Mac to 1.6.0_33, and patches 11 of the 14 security vulnerabilities that Oracle fixed in Tuesday’s release. The update Oracle released yesterday, Java 6 Update 33 and Java 7 Update 5, fixes at least 14 security flaws in the oft-attacked software that is installed on more than three billion devices worldwide. Well, it seems that Apple learned a thing or two from that incident.
#ORACLE JAVA UPDATE FOR MAC MAC OS X#
This failure on Apple’s part finally caught up with Mac OS X users earlier this year and turned into a major embarrassment for Apple, when the Flashback malware infected more than 650,000 Mac systems using a vulnerability that Oracle (but not Apple) had patched roughly two months earlier. Oracle is the official producer of Java, but Apple maintains its own version, and it has consistently lagged months behind Oracle in fixing security bugs. I’ve taken Apple to task several times for its unacceptable delays in patching Java vulnerabilities. There must have been some rare planetary alignment yesterday, because the oddest thing happened: Apple and Oracle both shipped software updates for the same Java security flaws on the very same day.
0 kommentar(er)
