Apple Releases Java for Mac OS X 10.6 Update 12

Bug allows untrusted Java applet to execute arbitrary code outside the Java sandbox

By on February 2nd, 2013 12:33 GMT

After blocking the latest version of Java from OS X Mountain Lion, Apple is now patching the Snow Leopard implementation with Java for Mac OS X v10.6 Update 12.

As Oracle is fixing a bug it should have taken care of a long time ago, Apple is taking matters into its own hands releasing Java for Mac OS X v10.6 Update 12, which “delivers improved security, reliability, and compatibility for Java SE 6.”

Superseding all previous versions of Java for Mac OS X v10.6, Java for Mac OS X v10.6 Update 12 is provided as a free download on Apple’s Support site. A direct download link is also available below.

The release updates the system Java SE 6 to version 1.6.0_39 for Mac OS X v10.6 which Apple itself provided in the past.

The Cupertino giant explains that, “On systems that have not already installed Java for Mac OS X 10.6 update 9 or later, this update will configure web browsers to not automatically run Java applets.”

“You may re-enable Java applets by clicking the region labeled ‘Inactive plug-in’ on a webpage. If no applets have been run for an extended period of time, the Java web plug-in will deactivate,” says Apple.

A security advisory on the company’s Support site reveals that Java 1.6.0_37 contains multiple vulnerabilities one of which “may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox.”

Apple explains that “Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user.”

Java version 1.6.0_39 addresses these issues as described on the Java website at http://www.oracle.com/technetwork/java/javase/releasenotes-136954.html.

Download Java for Mac OS X 10.6 Update 12 (Free)

Comments