Apple and Oracle issue patches for yet another Java zero-day exploitApple on Monday released an updated version of Java 6 to plug a hole that can lead to malicious software being installed on an affected user's Mac.
Oracle also released update 17 of Java 7 today after researchers discovered multiple new vulnerabilities in the software, one of which is being actively exploited in the wild.
From Oracle's release notes:
This Security Alert addresses security issues CVE-2013-1493 (US-CERT VU#688246) and another vulnerability affecting Java running in web browsers. Due to the severity of these vulnerabilities, and the reported exploitation of CVE-2013-1493 "in the wild," Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible.
Java has seen an alarmingly high number of exploits since the start of the year, with Apple and Oracle both being forced to issue multiple patches to deal with ongoing issues. In mid-January, Oracle pushed out an emergency fix for a vulnerability so severe that the U.S. Department of Homeland Security recommended all Java 7 users disable or uninstall the program until a solution was found. Later that month, another exploit prompted Apple to use the XProtect anti-malware feature baked into OS X to block Java 7 from running on Macs.
Most recently, Apple pushed out an update on Feb. 19 to cope with a similar vulnerability.
The latest Java update for OS X Lion and Mountain Lion weighs in at 63.84MB, while the Snow Leopard version comes in at 69.32MB. Both can be downloaded from Apple's Support Webpage or via Software Update.
On Topic: Mac OS X
- Adobe reverses course, says Metal support in After Effects 'one possibility' [u]
- Apple issues second public beta of OS X El Capitan 10.11.1
- OS X El Capitan still exposed to vulnerabilities in Gatekeeper & Keychain, researchers say
- First look video: Split View, new Mission Control in Apple's OS X 10.11 El Capitan
- Apple releases OS X 10.11 El Capitan with Safari 9, new Spotlight search, Split View, more