Mac Desktops
Smartphones
Cameras
Camcorders
Mac Laptops
iPad & Tablets
HDTV
Networking & Wireless
iPods
iPhone Apps
Printers
Storage
Apple on Tuesday released Security Update 2005-002. This update covers installations of Mac OS X that use Java 1.4.2. The update is available for download through the Software Update system preference pane, and is also available for download from Apple's Web site.
According to information posted on Apple's Web site, this update corrects an issue "where an untrusted applet could gain elevated privileges and potentially execute arbitrary code."
Apple describes the problem as related to a vulnerability in the Java plug-in. The exploit works through JavaScript "calling into Java code, including reading and writing files with the privileges of the user running the applet. Releases prior to Java 1.4.2 on Mac OS X are not affected by this vulnerability."
Further information about this vulnerability is available in Document ID 57591 from Sun.
Apple's update makes changes to the following files:
Java Web Start
JavaPluginCocoa.bundle
JavaScriptCore
Core Java classes
- Recommend? 0 YES 0 NO
- 0 Comments
Ad Choices
"Apple posts Security Update 2005-002" Comments
Have a comment on the story? Enter it below and share it with other readers.