Got a tip for us? Share it...

Apple Releases Java Update to Fix New Zero-Day Vulnerability

java_logo_newApple has pushed a new release of Java 6 that fixes a new vulnerability discovered just a few days ago. Somewhat confusingly, Apple delivers updates to Java 6, while Oracle delivers updates directly to Java 7 users.

InformationWeek reports:
"We detected a brand new Java zero-day vulnerability that was used to attack multiple customers," FireEye security researchers Darien Kindlund and Yichong Lin said in a blog posted Thursday. "Specifically, we observed successful exploitation against browsers that have Java v1.6 update 41 and Java v1.7 update 15 installed," they said, referring to the two most recently released versions of Java 6 and Java 7.
Lion and Mountain Lion users should download Java for OS X 2013-002. This file updates Java SE 6 to 1.6.0_43, the latest version released by Oracle. Snow Leopard users will download Java for Mac OS X 10.6 Update 14, which delivers the same version of Java 6.

The last update for both Java 6 and 7 was released in mid-February to fix a different security vulnerability.

Top Rated Comments

(View all)

19 months ago
I'm sure Java's had more security issues in this past week than OS X has in a decade :p
Rating: 8 Votes
19 months ago
I can't wait for the day that I see "Java and Adobe Flash Discontinued" on the MR home page.
Rating: 6 Votes
19 months ago
In other news, somebody called to d/l 4000 copies...
Rating: 5 Votes
19 months ago
Java is like a zombie that just won't die. Aim for the head!
Rating: 5 Votes
19 months ago
I love quickly putting together ugly little apps for work that run on everyone's machines in Java. I understand that the apps it produces never look as nice as native OS X ones, but is it really that bad? If Java didn't run on OS X, I suspect there'd be many apps that wouldn't run on OS X, period. Few developers would decide to go through the effort of making a full OS X app just to satisfy the few people who stubbornly insist on using OS X and not having a copy of Windows emulated or something.
Rating: 2 Votes
19 months ago

I love quickly putting together ugly little apps for work that run on everyone's machines in Java. I understand that the apps it produces never look as nice as native OS X ones, but is it really that bad? If Java didn't run on OS X, I suspect there'd be many apps that wouldn't run on OS X, period. Few developers would decide to go through the effort of making a full OS X app just to satisfy the few people who stubbornly insist on using OS X and not having a copy of Windows emulated or something.


The issue is not deploying Java apps; the issue is running Java apps in the browser. If someone wants to distribute Java apps, that's fine. If Apple supported the distribution of Java code via the Mac App Store, that would be even better. Kudos to Adobe for their Flash packager for allowing Flash code to be packaged and distributed to the various App Stores.

We had some it "professionals" say that they see no issue running Java/Flash code in the browser in other discussions here. I do not understand this casual (actually, promiscuous) attitude. It's kinda like those folks don't see the value of washing their hands when using the bathroom. :eek:
Rating: 1 Votes
19 months ago
Glad i don't have to rely on Java and consequently don't have it installed.
Rating: 1 Votes
19 months ago
Cool! A 50MB "critical" update !
Rating: 1 Votes

[ Read All Comments ]