Update: Apple's Java team has quickly responded to the patch with a revised JVM for Snow Leopard, OS X 10.6. The Java for Mac OS 10.6 Update version 12 ( APPLE-SA-1) is available in Software Update, according to an Apple security email. It updates Java to 1.6.0_39.Īnother week, another Java exploit: Computerworld notes that Oracle has once again updated the Java VM for all platforms to fend off a prospective exploit. The update is technically the scheduled February critical updates release, but the delivery was pushed up. Unfortunately, while Mac users on OS X 10.7 Lion and 10.8 Mountain Lion can upgrade their JVMs using Oracle's installer for Java 7, Snow Leopard (10.6.8) machines are out of luck. Oracle's Java 7 installer won't run, and as of yesterday Apple's supplied Java 6 is blocked by Apple's own XProtect malware shield - it won't do applets in Safari or Firefox until it's patched. Impact: Multiple vulnerabilities in Java 1.6.0_17ĭescription: Multiple vulnerabilities exist in Java 1.6.0_17, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. These issues are addressed by updating to Java version 1.6.0_20. Impact: Multiple vulnerabilities in Java 1.5.0_22ĭescription: Multiple vulnerabilities exist in Java 1.5.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.5.0_24. Impact: Visiting a web page containing a maliciously crafted untrusted Java applet may lead to an unexpected application Further information is available via the Sun Java website. Termination or arbitrary code execution with the privileges of the current userĭescription: An out of bounds memory access issue exists in the handling of mediaLibImage objects. This issue is addressed by preventing Java applets from using the package. This issue only affects the Mac OS X implementation of Java. Credit to Marc Schoenefeld of University of Bamberg for reporting this issue. Download Java for Mac OS X 10.5 Update 10 delivers improved compatibility, security, and reliability by updating J2SE 5.0 to 1.5.030, and updating Java SE 6 to 1.6. Oracle's Java version 7u25 and below have been disabled by Apple on OS X. Impact: Visiting a web page containing a maliciously crafted untrusted Java applet may lead to an unexpected application termination or arbitrary code execution with the privileges of the current userĭescription: A signedness issue exists in the handling of window drawing. Download Java For Mac 10.6.8 Apple has released Java for OS X 2013-004 for OS X 10.8 Mountain Lion and 10.7 Lion and Java for Mac OS X 10.6 Update 16.Updating to the latest release will allow Java to be run on Mac OS X. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to an unexpected application termination or arbitrary code execution with the privileges of the current user.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |