Untrusted Java applets execute arbitrary code outside the Java sandbox

Apr 4, 2012 06:27 GMT

Apple has patched a nasty set of flaws in the Mac version of Java with the release of Java for OS X Lion 2012-001 and Java for Mac OS X 10.6 Update 7.

Last month, several security software vendors sounded the alarm on a new vulnerability in the Java runtime shipped with Apple’s Mac operating system, prompting the Cupertino, California computer giant to take immediate action.

Austin, Texas-based Mac security expert Intego reported late last month that “A new malware, Tibet.A, has been discovered, taking advantage of a Java vulnerability that has also been used recently by the Flashback malware. Tibet.A exploits a vulnerability that is corrected in up-to-date Macs, but that may be accessible if users don’t apply system updates.”

Today, all Mac users (running Lion or Snow Leopard) accessing Software Update will be greeted by a new release of Java that plugs the holes in question.

Java for OS X Lion 2012-001 and Java for Mac OS X 10.6 Update 7 deliver “improved reliability, security, and compatibility for Java SE 6,” according to Apple’s memos on support.apple.com/downloads. “Please quit any web browsers and Java applications before installing this update,” adds the Mac maker.

The flaws are further documented in a separate tech note, which reveals that “Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox.”

“Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_31,” says the advisory.
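Since the advisory names 1.6.0_29 as affected and 1.6.0_31 as the fixed release, an administrator can verify a Mac by parsing the banner line that `java -version` prints. The script below is an added example, not Apple's or Intego's code; the function and variable names are mine, and the version lines it is fed are constructed samples.

```shell
#!/bin/sh
# Added example: decide whether an installed Apple Java SE 6 is older than
# 1.6.0_31, the version the advisory says addresses these issues.
# Input is the first line of `java -version`, e.g.:  java version "1.6.0_29"

FIXED_UPDATE=31   # from the advisory: issues addressed in Java 1.6.0_31

# java_update_number LINE -> prints the update number (29 for "1.6.0_29"), or 0
java_update_number() {
    # keep the digits that follow 1.6.0_ inside the quotes
    upd=$(printf '%s\n' "$1" | sed -n 's/.*"1\.6\.0_\([0-9]*\)".*/\1/p')
    printf '%s\n' "${upd:-0}"
}

# java_needs_update LINE -> exit 0 if the Java SE 6 update is below the fix,
# 1 if it is at or past the fix, 2 if the line is not a Java SE 6 banner
java_needs_update() {
    case "$1" in
        *'"1.6.0_'*) ;;      # Java SE 6 family covered by the advisory
        *) return 2 ;;       # other family: this check says nothing about it
    esac
    upd=$(java_update_number "$1")
    [ "$upd" -lt "$FIXED_UPDATE" ]
}

# Live check on a Mac (java prints its banner on stderr):
#   java_needs_update "$(java -version 2>&1 | head -n 1)" && echo "update required"
```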

Apple directs users to the Java website at http://www.oracle.com/technetwork/java/javase/releasenotes-136954.html where further information is available.

For Mac OS X v10.6 systems, the download file is named “JavaForMacOSX10.6.dmg”. For OS X Lion systems, the download file is named “JavaForOSX.dmg”.