Oracle Releases Patch to Address Security Vulnerability in Java 7 - MacRumors
Skip to Content

Oracle Releases Patch to Address Security Vulnerability in Java 7

Java Web 165Earlier this week, we reported on a newly-disclosed vulnerability in Java SE 7 that could pose a risk for users on a wide variety of platforms, including OS X. While the real-world threat to Mac users stemming from the vulnerability is very low given that a Mac-specific exploit for the vulnerability has not been seen and only a small fraction of Mac users have manually installed Java SE 7, the incident has served as another reminder the Mac users can be vulnerable malicious attacks.

Although Oracle was reportedly warned of the issue months ago and apparently did not take significant action to protect users until it became public, the company has now moved quickly to address the problem with today's announcement regarding the release of Java SE 7 Update 7. The release addresses the specific vulnerability disclosed earlier this week as well as several others, and the company has also released Java SE 6 Update 35 to address a separate issue with the earlier version.

If successfully exploited, these vulnerabilities can provide a malicious attacker the ability to plant discretionary binaries onto the compromised system, e.g. the vulnerabilities can be exploited to install malware, including Trojans, onto the targeted system. Note that this malware may in some instances be detected by current antivirus signatures upon its installation.

The updated versions of Java are available though Oracle's Java download page.

Popular Stories

Apple 2026 Back to School Graphic

Apple's 2026 Back to School Offer Just Went Live in Select Countries

Wednesday July 15, 2026 11:48 am PDT by
Apple's annual Back to School promotion is now live in select countries in Asia, including China, India, Malaysia, the Philippines, Singapore, Taiwan, Thailand, and Vietnam. The offer provides college students and educational staff with a free item with the purchase of an eligible Mac or iPad model. The exact offer varies by country, with options including a pack of four AirTags, AirPods 4,...
iphone 17 cyber

Apple Closes Unlocked iPhone Loophole for T-Mobile and Verizon Financing

Wednesday July 15, 2026 3:20 pm PDT by
Carrier-financed iPhones purchased from Apple will soon be locked to the carrier, ending a workaround customers used to purchase an unlocked iPhone on a payment plan. Until the rule change, buying an iPhone from Apple and opting for financing through Verizon or T-Mobile meant you would get an iPhone not locked to either carrier's network. That's no longer the case, and now iPhones financed...
iPhone 18 Pro Deep Red Feature

iPhone 18 Pro Launching in Two Months With These 12 New Features

Friday July 17, 2026 10:39 am PDT by
It is now mid-July, and that means the iPhone 18 Pro and iPhone 18 Pro Max are now just two months away. The devices are expected to look similar to the iPhone 17 Pro and iPhone 17 Pro Max, but there will still be many year-over-year changes, with rumored features including a smaller Dynamic Island, 5G via satellite, and more. Apple is expected to unveil the iPhone 18 Pro, iPhone 18 Pro Max, ...

Top Rated Comments

Rodimus Prime Avatar
181 months ago
plugging up the sinking ship, sad really - java comes in quite handy, i'm guessing it will eventually phased out from the apple environment.
sounds like someone who has no understanding of Java or how powerful it really is.
Score: 8 Votes (Like | Disagree)
bbeagle Avatar
181 months ago
So.... that means that we will get it in about a month and a half when Apple releases it?

You haven't been paying attention. Apple is not releasing any Java updates ever again. They all go through Oracle now.
Score: 8 Votes (Like | Disagree)
669532 Avatar
181 months ago
plugging up the sinking ship, sad really - java comes in quite handy, i'm guessing it will eventually phased out from the apple environment.
Score: 4 Votes (Like | Disagree)
181 months ago
plugging up the sinking ship, sad really - java comes in quite handy, i'm guessing it will eventually phased out from the apple environment.

Which is ironic, because Java has built-in protection against buffer overflows whereas C, C++, and Objective-C (Cocoa) are all vulnerable. While clunky (though it's gotten better) and ugly, Java was always a pretty safe environment.
Score: 3 Votes (Like | Disagree)
181 months ago
plugging up the sinking ship, sad really - java comes in quite handy, i'm guessing it will eventually phased out from the apple environment.

Sounds just like Flash...
Score: 2 Votes (Like | Disagree)
GJSchaller Avatar
181 months ago
The Mac version of the Oracle release will update it self if you launch the control panel (from System Preferences) - mine just asked me to update when I looked at it.
Score: 2 Votes (Like | Disagree)