Oracle Releases Java 7 Update 13 to Address Security Issues, Reenable Web Plug-in on OS X

Friday February 1, 2013 1:01 pm PST by Eric Slivka
java_logo_newLess than two days after Apple once again blocked Java 7 web plug-ins on OS X, Oracle has released an updated version of Java 7 to address certain security vulnerabilities.

The new Java 7 arrives as Update 13 and carries a version number of 1.7.0_13-b20, meeting Apple's requirement for a minimum of 1.7.0_11-b22. Oracle has also released an updated version of Java 6, although Apple was not blocking the previous version of the plug-in.

Oracle notes that the new update contains fixes for over 50 issues and that the launch was accelerated by several weeks in order to address a vulnerability that was being exploited in the wild.
The original Critical Patch Update for Java SE – February 2013 was scheduled to be released on February 19th, but Oracle decided to accelerate the release of this Critical Patch Update because active exploitation “in the wild” of one of the vulnerabilities affecting the Java Runtime Environment (JRE) in desktop browsers, was addressed with this Critical Patch Update. [...]

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. This Critical Patch Update contains 50 new security fixes across Java SE products.
The latest versions of all Java SE packages are available through Oracle's support site.

(Thanks, Flemming!)

[ 134 comments ]

Top Rated Comments

(View all)

Avatar
unplugme71
92 months ago
I give it 24 hours before a new flaw is found and Apple blocks it again.
Rating: 12 Votes
Avatar
C DM
92 months ago

See, here's the problem. Clearly Apple knows when these patches are going to be released otherwise they wouldn't know what version it's going to be or when to block the old version. Problem is, they have to stop preempting Oracle. There is an order to things in life Apple, this isn't it.

There's nothing clear about that kind of a theory. Apple blocks it when it feels there's enough justification out there for it to be a threat. They simply block the highest version that is available and have no clue what the next released version will be, but anything higher than the highest version at the time of blocking will supersede the block and work. Fairly straightforward and completely doesn't involve any prior knowledge of anything at all.
Rating: 9 Votes
Avatar
lkrupp
92 months ago

Direct link to update. (http://download.oracle.com/otn-pub/java/jdk/7u13-b20/jre-7u13-macosx-x64.dmg)


Why? You can easily update from the Java preference panel. No hassles.

----------

I spent all morning fixing this and right when I fixed it apple releases an update :@

A LITTLE NOTICE NEXT TIME WOULD BE NICE :@


Apple didn't release it, Oracle did. If you don't know how it works then don't install it.
Rating: 6 Votes
Avatar
Windlasher
92 months ago
It's not you Java it's me.....I'm seeing someone else. No, don't cry. HTML 5 really understand me.....
Rating: 4 Votes
Avatar
Verbatim Cookie
92 months ago
We are never, ever getting back together, Java. :mad:
Rating: 4 Votes
Avatar
FloatingBones
92 months ago
At least Oracle doesn't bundle deceptive spam-ware with their Mac updates like they do with their PC updates (http://www.zdnet.com/a-close-look-at-how-oracle-installs-deceptive-software-with-java-updates-7000010038/).
Rating: 4 Votes
Avatar
Northgrove
92 months ago
It's Java updates all the way down.
Rating: 4 Votes
Avatar
pgiguere1
92 months ago
Direct link to update. (http://download.oracle.com/otn-pub/java/jdk/7u13-b20/jre-7u13-macosx-x64.dmg)
Rating: 4 Votes
Avatar
justperry
92 months ago

a bit naive?


Mac Virus/Malware FAQ - Mac Guides (http://guides.macrumors.com/Mac_Virus/Malware_FAQ)
Rating: 3 Votes
Avatar
Undecided
92 months ago

Edit: Ah right. "Undecided"'s reply above is a better than mine to check for Java installed as an actual browser plugin.


So, uh, someone blew away my response..... :confused:
Rating: 3 Votes

[ Read All Comments ]