After being hacked, Apple pushes out Java update to patch security hole
AppleInsider Staff
Just hours after Apple announced that it too was victim to a wide-ranging malware attack, the company released a new version of Java for OS X to plug a hole in the software that can be exploited to install malware onto an affected machine.
According to the release notes, "Java for OS X 2013-001 1.0" brings improvements to security, reliability and compatibility by updating Java SE 6 to version 1.6.0_41.
This release updates the Apple-provided system Java SE 6 to version 1.6.0_41 and is for OS X versions 10.7 or later.
This update uninstalls the Apple-provided Java applet plug-in from all web browsers. To use applets on a webpage, click on the region labeled "Missing plug-in" to go download the latest version of the Java applet plug-in from Oracle.
This update also removes the Java Preferences application, which is no longer required to configure applet settings.
Earlier on Tuesday, Apple disclosed that a limited number of employee laptops were attacked by the same group responsible for hacking social networking site Facebook. The company said there is no evidence that vital information was compromised or stolen as a result of the attack.
While not much is known about the Apple breach, the malware deployment is thought to have been disseminated through a Java zero day exploit that hit Facebook's systems late last week.
The Java update can be downloaded via Apple's Support webpage or through Software Update.
Malcolm Owen
William Gallagher
Christine McKee
Michael Stroup
William Gallagher and Mike Wuerthele
Chip Loder
