NEWS CATEGORIES:

NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>

Find us on Google+

TRENDING TODAY

Home > News > Security

September 6th, 2012, 09:40 GMT · By Filip Truta

Apple Patches Zero-Day Vulnerability in OS X

Adjust text size:

Apple has released its own patches for OS X users affected by a zero-day vulnerability in Oracle’s Java platform that was discovered in August. Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10 are free updates to all Mac OS versions starting with Snow Leopard.

The Cupertino, California-based Apple Inc. reveals in a security bulletin that Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10 are now available for Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, and OS X Mountain Lion 10.8 or later.

“An opportunity for security-in-depth hardening is addressed by updating to Java version 1.6.0_35,” the Mac maker notes, directing customers to Oracle’s site for more information.

Oracle explains that the flaws don’t apply to Java running on servers or standalone Java applications. Oracle server-based software is also unaffected.

However, a cybercriminal can potentially exploit the flaws remotely, “without authentication, i.e., they may be exploited over a network without the need for a username and password.”

“To be successfully exploited, an unsuspecting user running an affected release in a browser will need to visit a malicious web page that leverages this vulnerability,” Oracle explains. “Successful exploits can impact the availability, integrity, and confidentiality of the user's system.”

Oracle urges customers to apply the updates “due to the severity of these vulnerabilities.”

For its part, Apple instructs Mac users on how to obtain the new Java releases.

“Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/,” according to the fruity company in Cupertino, California.

Mac users should note that both these Java updates will configure their web browsers to not automatically run Java applets. However, users can re-enable these by clicking the region labeled "Inactive plug-in" on a web page.

Download Java for Mac OS X (Free)

FILED UNDER:

	Share your thoughts on this story...
		1,612 hits Link to this article · Print article · Send to friend

MUST-READ RELATED ARTICLES:

Hacker Claims to Have Mitt Romney's Tax Records, Wants $1 Million in Bitcoins

Finnish Developer Demoes Breaking into the OS X Keychain

Anonymous Calls Out the FBI for Denying It's the Source of the Apple Data Leak

FBI Denies It's the Source of the Anonymous iPhone Data Leak

Anonymous Group Holds Data on 12 Million iPhones, iPads and Their Owners, from the FBI

READER COMMENTS:

No user comments yet.

Be the first to express your opinion!

SUBMIT PROGRAM \| ADVERTISE \| GET HELP \| SEND US FEEDBACK \| RSS FEEDS \| UPDATE YOUR SOFTWARE \| ROMANIAN FORUM
© 2001 - 2013 Softpedia. All rights reserved. Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.	Copyright Information \| Privacy Policy \| Terms of Use