The Inquirer-Home

Apple issues Java patch for Mac OS X users fixing 40 critical vulnerabilities

Could allow an untrusted Java applet to execute code outside the Java sandbox
Wed Jun 19 2013, 17:45
Java logo

MAKER OF SHINY TOYS Apple has released a security patch to keep Mac OS X users safe from 40 vulnerabilities that were recently found in Oracle's Java platform.

The firm issued the update a few hours after Oracle announced the critical patch, promising to protect its Mac OS X user base from a number of Java vulnerabilities.

Apple warned in its support centre that the most serious vulnerabilities exist in Java 1.6.0_45, which could allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. The firm warned that visiting a webpage containing such an untrusted Java applet could lead to execution of malicious code with the privileges of the current user.

The Java for Mac OS X 2013-004 and Mac OS X v10.6 Update 16 patches are available for download now on Apple's website. They cover OS versions Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7, OS X Lion Server v10.7 and OS X Mountain Lion v10.8.

The Mac OS X patches build on top of Oracle's update, also released on Tuesday but made for other operating systems. Apple confirmed that it relates to 40 vulnerabilities in the Java platform and called for users to update as quickly as possible to protect themselves from opportunistic cyber crooks.

"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. This Critical Patch Update contains 40 new security fixes across Java SE products, of which 4 are applicable to server deployments of Java," Oracle said in its release.

The patch is the latest development in Oracle's ongoing battle to secure Java. Since the year began the enterprise giant has been forced to release a number of security updates, one of which was off cycle, to address a number of Java vulnerabilities. The number of vulnerabilities found and fixed in Java has increased significantly this year compared to the past two years, and it seems that the problem is ever increasing, with Apple having to play catch-up. µ


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

INQ Poll

Internet of Things at Christmas poll

Which smart device are you hoping Santa brings?