Apple patches Java 6 for OS X Snow Leopard, Lion

Duplicates the defense-in-depth change Oracle issued last week

Gregg Keizer (Computerworld (US))
05 September, 2012 19:43
Comments

Apple today issued a Java update for OS X Lion and Snow Leopard to make it more difficult for hackers to exploit other vulnerabilities.

The update brought Java 6 up to par with Oracle's version 35, which it released last Thursday, Aug. 30. Oracle's so-called "out-of-band," or emergency patch, fixed three bugs in Java 7 that hackers had already begun exploiting, and made one change to Java 6.

"[The latter] represents a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited," Oracle said in its advisory of a week ago.

Apple was required to provide the defense-in-depth update because it still maintains Java 6, which it bundled with 2009's OS X Snow Leopard and offered to users running 2011's Lion as an optional download when they encountered a Java applet on the Web.

However, Apple is not responsible for Java 7; the company handed back control of the software to Oracle in 2010. The OS X patches for the three Java 7 flaws, then, were produced by Oracle and shipped last week alongside the fixes for the Windows version of Java 7.

Today's Java patch was the first Apple update for OS X Snow Leopard since June 12. Although Snow Leopard still powers about a third of all Macs, Apple has likely halted security updates for that edition. If Apple follows past practice, it will continue to update a small group of homegrown and third-party components -- iTunes, Java, QuickTime and Safari -- in Snow Leopard for several months.

Java 6 version 35 can be downloaded from Apple's website for OS X Snow Leopard and Lion. Users running Java can also wait for Software Update to notify them that the Java download is available.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His email address is gkeizer@computerworld.com.

See more by Gregg Keizer on Computerworld.com.

Read more about security in Computerworld's Security Topic Center.

"* as it relates to 50% of their shareholding"

Australia remains black spot for Vodafone
"It is actually 216,000 customers lost - the shareholders report 50% of ..."

Australia remains black spot for Vodafone
"What about personal VPNs like expressvpn.biz for the BYOD workforce?"

How to provide IT support to a dispersed workforce
"When discussing treble the performance, perhaps the author meant that desktops would ..."

Intel claims Haswell will offer 50 per cent more battery life in laptops
"treble the performance in desktops?"

Intel claims Haswell will offer 50 per cent more battery life in laptops

Whitepapers

All whitepapers

Most Read

Sign up now to get free exclusive access to reports, research and invitation only events.

Most Commented

Featured Whitepapers

A Holistic Approach to your BYOD Challenge

More and more enterprises are seeing significant benefits from allowing employees to choose the device they use to get their jobs done, and are adopting bring your own device (BYOD) initiatives. While the BYOD trend increases flexibility and productivity, it introduces a host of new challenges for your IT administrators. Click for more!

Featured Download

DivX Plus

Divx Plus 8 provides you with a Web Player which allows you to watch DivX, AVI and MKV videos in your web brower; you can ...

Zones

Most Popular Whitepapers

ASIC Optimises and Promotes Network Automation Using HP Software

Allianz Shared Infrastructure Services SE (ASIC) wanted to replace its current suite of management tools, some of which had been developed in-house, with a standard solution for the management of 600 network components in its data centre, in order to reduce costs and further improve quality. Find out what approach they took download today.

Popular tags: Business Management, Security, Storage, Data Centre, Virtualisation

Latest Jobs

FTTest EngineerVIC
FTJob Title: Mac Systems/ Enterprise Systems EngineerNZ
FTTechnical Business AnalystNSW
FTQuality ManagerSA
FTFlash / ActionScript Developer - ContractNSW
FT.NET - Sitecore Developer - Melbourne - PermNSW
FTLead Software EngineerSA
FTOS Web Applications DeveloperNSW
FTR&D EngineerSA
FTWeb Analyst - WebTrendsVIC
FTSenior Python DeveloperNSW

Market Place

Apple patches Java 6 for OS X Snow Leopard, Lion

Recommended

Ericsson makes bus windows part of a Wi-Fi ...

AusCERT 2013: Police urge banks to install ATM ...

Australian eHealth messaging trial a success

Telstra COO reveals restructure

NSW Police issues warning on 3D printed guns

Intel claims Haswell will offer 50 per cent more battery life in laptops

UPDATED: 4G in Australia: The state of the nation

Intel claims Haswell will offer 50 percent more battery life

Risk of de facto Internet filter for Australia: Ludlam

What’s life really like on the NBN? (Part II)

Australia remains black spot for Vodafone

Australia lags Mongolia in Internet speeds

Conroy dismisses claims of NBN failing

Intel claims Haswell will offer 50 per cent more battery life in laptops

A Holistic Approach to your BYOD Challenge

Moving to a Private Cloud? Infrastructure Really Matters!

2013 Global Information Security Survey: Initial findings

Mobility Apps: What every developer should know

DivX Plus

Symantec Business Critical Virtualisation Content Zone

BlackBerry Enterprise Service 10 Zone

HP Tech Connect Resource Centre

ASIC Optimises and Promotes Network Automation Using HP Software

Clearing the Clouds for Midmarket Businesses

Six Reasons to Empower Your SharePoint Citizen Developers

Hybrid IT Service Management: A Requirement for Virtualisation and Cloud Computing

Deploying Flash in the Enterprise

Computerworld newsletter

Don't have an account?

Apple patches Java 6 for OS X Snow Leopard, Lion

Recommended

Computerworld newsletter