Apple rolled out new software updates Tuesday, though probably not the one some users were looking for. Instead of the iOS 4.3 update that some corners of the Internet insisted was in the works for Tuesday, the company released Java updates for Mac OS X 10.5 and 10.6.
According to Apple’s release notes, the Java for Mac OS X 10.6 Update 4 brings improved compatibility, security, and reliability by updating Java SE 6 to 1.6.0_24. The update requires Mac OS X 10.6.4 or later.
On the security front, Apple's notes say that the update addresses multiple vulnerabilities in Java 1.6.0_22. The most serious vulnerability could have let an untrusted Java applet execute arbitrary code outside the Java sandbox. Visiting a Web page containing a maliciously crafted untrusted Java applet could have led to that arbitrary code execution with the privileges of the current user.
Likewise, Java for Mac OS X 10.5 Update 9 promises compatibility, security, and reliability improvements. Available for Mac OS x 10.5.8 or later, the software patch updates J2SE 5.0 to 1.5.0_28 and Java SE 6 to 1.6.0_24 for 64-bit capable Intel-based Macs. J2SE 1.4.2 remains disabled in this update, Apple says.
The security notes for the Leopard Java update mention the same vulnerabilities addressed in the Snow Leopard fix.