Apple Patches Java Flaws, At Last
Apple on Monday shipped updates to plug more than two dozen security holes in its version of Java, including a particularly dangerous flaw that Java maker Sun patched back in early December.
Last month, Security Fix and others took Apple to task for taking too long to fix Java vulnerabilities. In fact, I found that Apple patches Java flaws on average about six months after Sun had shipped its own updates to fix the same vulnerabilities. At least two different researchers even released proof-of-concept exploits to shame Apple into quickly fixing an easy-to-exploit vulnerability that potential attackers had known about for six months.
This Java update appears to address most of the outstanding Java vulnerabilities. From looking at the common vulnerabilities and exposures (CVE) numbers attached to each of the flaws fixed by Apple's Java rollup, it looks like this update brings Mac OS X systems to the equivalent of Java 6 Update 13 (Sun recently released Update 14, but there don't appear to be any security related fixes in that bundle).
Mac users can grab the latest Java version via Software Update or directly from Apple's Software Downloads Web site.
June 16, 2009; 6:55 AM ET
Categories: New Patches , Safety Tips | Tags: apple patch, java
Save & Share: Previous: Default Passwords Led to $55 Million in Bogus Phone Charges
Next: Top Security Minds Urge Google to Encrypt All Services
Posted by: smkpuck1 | June 16, 2009 10:02 AM | Report abuse
Posted by: Eideard | June 16, 2009 10:19 AM | Report abuse
Posted by: BTKrebs | June 16, 2009 10:23 AM | Report abuse
Posted by: peterpallesen | June 16, 2009 10:25 AM | Report abuse
Posted by: belukaszewicz1 | June 16, 2009 1:37 PM | Report abuse
Posted by: Cortimetrix | June 16, 2009 3:39 PM | Report abuse
Posted by: dalkorian | June 16, 2009 3:44 PM | Report abuse
Posted by: Annorax | June 16, 2009 5:11 PM | Report abuse
Posted by: Rejini | June 17, 2009 8:28 AM | Report abuse
Posted by: hubiehd | June 17, 2009 10:31 AM | Report abuse
The comments to this entry are closed.