Apple Updates Java for Lion and Snow Leopard in Sync with Oracle
Apple yesterday released a pair of software updates for Java, issuing versions for both Lion and Snow Leopard. The update in part builds upon an earlier Java update for Lion that disabled automatic execution of Java applets in an attempt to minimize the impact of Java-based malware threats like Flashback.
This update configures web browsers to not automatically run Java applets. Java applets may be re-enabled by clicking the region labeled "Inactive plug-in" on a web page. If no applets have been run for an extended period of time, the Java web plug-in will deactivate.
As noted by Krebs on Security, the release is notable because it came on the same day that Oracle released updates for Java on other platforms. Apple has long been criticized for lagging on Java updates, a policy which allowed the Flashback malware to flourish as Mac systems remained unprotected against the threat even though Oracle had patched the vulnerability on other systems several months before.
The update Oracle released yesterday, Java 6 Update 33 and Java 7 Update 5, fixes at least 14 security flaws in the oft-attacked software that is installed on more than three billion devices worldwide. Apple’s Java update brings Java on the Mac to 1.6.0_33, and patches 11 of the 14 security vulnerabilities that Oracle fixed in Tuesday’s release. It’s unclear whether those other three flaws simply don’t exist in the Mac version of Java, but we’ll take progress where we can get it.
With Java SE 7 set to come to the Mac later this year, control over updates is transitioning from Apple to the OpenJDK project, with both Apple and Oracle providing expertise to ensure that updates for Mac roll out on a timely basis. That transition was begun back in late 2010, with Steve Jobs noting at the time that having Apple responsible for Java updates on the Mac "may not be the best way to do it."
Popular Stories
Apple's AirPods have been credited with saving a woman's life after a potentially fatal fall, People reports.
When a 60-year-old florist in New Jersey tripped and hit her head in her studio, she lost consciousness and awoke heavily bleeding. With nobody around to call for help, she realized she had her AirPods in, and used a "Hey Siri" command to call 911. An operator was able to stay on the ...
Apple will no longer include EarPods with every iPhone sold in France, starting on January 24, according to a notice posted by a French carrier (via iGeneration). Apple was previously required to include EarPods in the box with the iPhone due to a French law that required every smartphone sold in the country to come with a "handsfree kit," but the law has now been changed in favor of reducing the ...
Following months of bleak news about Peloton's "precarious state," including the revelation that it has halted production of its bikes and treadmills, Apple is being floated as a potential buyer of Peloton's troubled fitness business.
Yesterday, CNBC reported that Peloton will temporarily stop production of its connected fitness products due to a "significant reduction" in consumer demand, a ...
Apple has always emphasized the depth of thought that goes into the design of its products. In the foreword to Designed by Apple in California, a photo book released by the company in 2016, Jony Ive explains how the company strives "to define objects that appear effortless" and "so simple, coherent and inevitable that there could be no rational alternative."
But every once in a while even...
Earlier this week, Bloomberg's Mark Gurman tweeted that Apple "will be holding a spring event" to announce a new iPhone SE and other hardware. In a recent edition of his newsletter, Gurman said the event is likely to occur in March or April.
Gurman did not elaborate on what "other hardware" will be announced at Apple's purported spring event, but rumors suggest at least four products are...
Apple is working on a number of new products that are set to launch this fall, and Bloomberg's Mark Gurman says that it will be "the widest array" of new devices that Apple has introduced in its history.
In his latest "Power On" newsletter, Gurman explains that Apple is working on four new iPhones (iPhone 14, iPhone 14 Max, iPhone 14 Pro, and iPhone 14 Pro Max), an updated low-end MacBook Pro...
The watchOS 8.4 release candidate that was seeded to developers and beta testers this morning addresses an ongoing bug that could cause some Apple Watch chargers not to work properly with the Apple Watch.
Back in December, we reported on a growing number of charging issues that Apple Watch Series 7 owners were facing. Since watchOS 8.3, there have been a number of complaints about...
The macOS Monterey 12.2 and iOS 15.3 release candidates that came out today appear to address a Safari bug that could cause your recent browsing history and details about your identity to be leaked to malicious entities.
As shared last week by browser fingerprinting service FingerprintJS, there is an issue with the WebKit implementation of the IndexedDB JavaScript API. Any website that uses...
Earlier this week, Apple began requiring that customers taking advantage of educational discounts in the United States verify their status as a teacher, student, or school staff member through UNiDAYS.
The requirement was a major change as Apple had never asked customers to go through a verification process in the United States before, and now, just three days after verification was added,...
Top Rated Comments
Why are you so internet angry?
I wait feverishly every month for new Java updates.
Not really sure what your particular point is commenting in this thread if it has no relevance to you, though hey, your time is your own. I'm also not sure whether anyone cares, really, if you use it on your Mac or if you've shut down access, or whatever (but maybe that's just me :)) but to call it irrelevant is to perhaps not see the bigger picture. It's out there running a lot of stuff you interact with on a daily basis, as mentioned previously.
Given that Java is one of the most popular programming language in the world, at lot of developers (including me) care. It means I can use my mac at work.
Also, due to a rather stupid decision on a national scale, Java is required for logging into banks in Denmark.
Last I heard Apple still uses WebObjects as its web application server technology to power both the Apple Online Store and the iTunes Store.
Want to take a bet at what WebObjects is written in? That's right; Java.