We are currently experiencing server issues, please excuse any mess. More details are availble here.
Apple and Oracle issue patches for yet another Java zero-day exploitApple on Monday released an updated version of Java 6 to plug a hole that can lead to malicious software being installed on an affected user's Mac.
Oracle also released update 17 of Java 7 today after researchers discovered multiple new vulnerabilities in the software, one of which is being actively exploited in the wild.
From Oracle's release notes:
This Security Alert addresses security issues CVE-2013-1493 (US-CERT VU#688246) and another vulnerability affecting Java running in web browsers. Due to the severity of these vulnerabilities, and the reported exploitation of CVE-2013-1493 "in the wild," Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible.
Java has seen an alarmingly high number of exploits since the start of the year, with Apple and Oracle both being forced to issue multiple patches to deal with ongoing issues. In mid-January, Oracle pushed out an emergency fix for a vulnerability so severe that the U.S. Department of Homeland Security recommended all Java 7 users disable or uninstall the program until a solution was found. Later that month, another exploit prompted Apple to use the XProtect anti-malware feature baked into OS X to block Java 7 from running on Macs.
Most recently, Apple pushed out an update on Feb. 19 to cope with a similar vulnerability.
The latest Java update for OS X Lion and Mountain Lion weighs in at 63.84MB, while the Snow Leopard version comes in at 69.32MB. Both can be downloaded from Apple's Support Webpage or via Software Update.
On Topic: Mac OS X
- New macOS Sierra 10.12.1 betas available to developers & public
- Troubleshooting macOS Sierra: FileMaker, Logitech and Razer devices, 4k display issues [u]
- Inside iOS 10: Examining the new smart Photos features
- Troubleshooting macOS Sierra: Wired networking, ScanSnap, Bluetooth
- Apple updates iWork for Mac, adding real-time collaboration beta to Pages, Numbers & Keynote