Just hours after Apple announced that it too was victim to a wide-ranging malware attack, the company released a new version of Java for OS X to plug a hole in the software that can be exploited to install malware onto an affected machine.
According to the release notes, "Java for OS X 2013-001 1.0" brings improvements to security, reliability and compatibility by updating Java SE 6 to version 1.6.0_41.
This release updates the Apple-provided system Java SE 6 to version 1.6.0_41 and is for OS X versions 10.7 or later.This update uninstalls the Apple-provided Java applet plug-in from all web browsers. To use applets on a webpage, click on the region labeled "Missing plug-in" to go download the latest version of the Java applet plug-in from Oracle.
This update also removes the Java Preferences application, which is no longer required to configure applet settings.
Earlier on Tuesday, Apple disclosed that a limited number of employee laptops were attacked by the same group responsible for hacking social networking site Facebook. The company said there is no evidence that vital information was compromised or stolen as a result of the attack.
While not much is known about the Apple breach, the malware deployment is thought to have been disseminated through a Java zero day exploit that hit Facebook's systems late last week.
The Java update can be downloaded via Apple's Support webpage or through Software Update.
41 Comments
That was quick. This vulnerability must be pretty serious.
Snow Leopard?
This updated my 10.6 Snow Leopard. Went to http://www.java.com/en/download/testjava.jsp to confirm.
Apple not hacked.
Java hacked.
Again.
The sooner we can kill off Java (and Flash), the better