14 DAY TRIAL // Apple has released Java updates for Mac OS X 10.4 and 10.5 (Tiger and Leopard) users. Java for Mac OS X 10.x Update 2 delivers improved reliability and compatibility for several editions of Java 1.4.2 on Mac OS X. The release supports all Intel and PowerPC-based Macs, while Java SE 6 is available on 64-bit, Intel-based Macs only. A number of security issues are addressed in the update.
From Apple's Downloads page,
About Java for Mac OS X 10.5 Update 2
Java for Mac OS X 10.5 Update 2 delivers improved reliability and compatibility for Java SE 6, J2SE 5.0 and J2SE 1.4.2 on Mac OS X 10.5.4 and later.
About Java for Mac OS X 10.4, Release 7
Java for Mac OS X 10.4, Release 7 delivers improved reliability and compatibility for Java 2 Platform Standard Edition 5.0 and Java 1.4 on Mac OS X 10.4.11 and later. This release updates J2SE 5.0 to version 1.5.0_16 and Java 1.4 to version 1.4.2_18. Some of the new security enhancements offered in the Java for Mac OS X 10.5 Update 2 include protection against malicious applets from launching file://URLs. Handling of URL has also been improved, to prevent an attacker from launching local files. Apple's Support section reveals that, prior to Java for Mac OS X 10.5 Update 2, visiting a maliciously crafted website could have led to arbitrary code execution.
“An error checking issue leading to the use of an uninitialized variable exists in the Hash-based Message Authentication Code (HMAC) provider used for generating MD5 and SHA-1 hashes,” says Apple. “Visiting a website containing a maliciously crafted Java applet may lead to arbitrary code execution. This update addresses the issue through improved error handling. This is an Apple-specific issue.” The Cupertino-based Mac maker credits Radim Marek for reporting this issue. You can find and download the update suitable for your system using this single link.