Apple Updates, Disables Java

October 22, 2012

Last week, as part of its regular Critical Patch Update, Oracle released new versions of its Java software.  Apple has also released new versions of Java for Mac OS X. (As Mac users probably know, Apple packages and releases its own Java updates.)    The new versions are Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11.  These updates address twenty identified security flaws (essentially, the same ones that Oracle’s update fixed); further information is available on Apple’s support page for this update.

According to an article at Ars Technica, this update also makes one significant change to past Apple practice: it does not include a browser plug-in for Java, and in fact removes any existing plugins.  The Naked Security blog from anti-virus vendor Sophos has a post with some additional information.  (I didn’t know about this aspect of the update when I wrote yesterday’s post on Java.)

You can get the new version via the Software Update pane in System Preferences, or you can download the new version from Apple’s support site.

Apple Issues Fixes for OS X, Safari

May 13, 2012

A few days ago, Apple released Mac OS X Lion 10.7.4, with Security Update 2012-002.  This new version incorporates fixes for more than 30 security vulnerabilities; the details, and CVE identifiers for the vulnerabilities fixed, are in the announcement bulletin.

Apple also released a new version of its Safari Web browser, 5.1.7, for both OS X and Windows.  This version fixes four identified security flaws, which are itemized in the announcement.  The new version will also disable outdated versions of the Adobe Flash Player plugin; it will offer the user an option to download an up-to-date version from Adobe’s site.

I recommend that you install these updates as soon as you conveniently can.  You can obtain them via Software Update, or from the Apple download site.

%d bloggers like this: