Apple Patches Java in Mac OS X

Status
Not open for further replies.

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
Apple has released Java security updates for Mac OS X v10.6.6 and Mac OS X v10.5.8 in order to address multiple vulnerabilities that could be exploited to execute arbitrary code.

The new updates patch vulnerabilities in Java 1.6.0_22 and Java 1.5.0_26 by updating the runtime's version to 1.6.0_24 or 1.5.0_28, respectively.

Oracle has released updated versions of the software back in February and Apple has skipped over 1.6.0_23 and 1.5.0_26 because they didn't fix any security vulnerabilities.

The Mac maker notes in its advisory that the new updates address vulnerabilities that may allow an untrusted Java applet to execute arbitrary code outside of the Java sandbox.

"Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user," the company writes.

There are a total of sixteen patched vulnerabilities, seven of which have the highest base score (10.0) on the Common Vulnerability Scoring System (CVSS) scale.

More details - link
 

AyeAyeCaptain

Level 1
Feb 24, 2011
585
Very interesting, I think the more these kind of things happen, then the more people can't say that this OS is more secure, and maybe the price will come down?
 

Ink

Administrator
Verified
Jan 8, 2011
22,490
Why does Apple release these security updates for third-party software, if Microsoft did that people would complain.
 

LaserWraith

Level 1
Feb 24, 2011
497
stormgtr said:
Why does Apple release these security updates for third-party software, if Microsoft did that people would complain.

Yeah, I was wondering about that. Why is Apple releasing updates for Oracle?
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top