Apple releases Java security updates

It’s probably safe to turn your Mac on again. Just a day after reports spread about a Java-based Trojan horse that could install itself on your Mac without requiring that you enter a password, Apple has released Java for OS X Lion 2012-001 and Java for Mac OS X 10.6 Update 7.

The updates, which are available for Mac OS X 10.6.8 Snow Leopard and 10.7.3 Lion (including both OS’s Server editions), patch multiple vulnerabilities in Java 1.6.0_29—including some that could allow malicious code to run on your Mac outside of the Java sandbox, triggered merely by your visiting a webpage containing the right nefarious code.

For full details on the update, Apple points to Oracle.

The update patches no fewer than a dozen vulnerabilities, including the one exploited most recently in the newly-discovered Flashback Trojan horse variant.

The security holes in question were patched for Windows users back in February; Apple has long been criticized for lagging behind Windows in such areas.

The patches are available from Apple’s website or via Software Update.

Shop ▾
arrow up Amazon Shop buttons are programmatically attached to all reviews, regardless of products' final review scores. Our parent company, IDG, receives advertisement revenue for shopping activity generated by the links. Because the buttons are attached programmatically, they should not be interpreted as editorial endorsements.

Subscribe to the Help Desk Newsletter