Apple has responded to fears over Java on Mac OS X by releasing an update, which should fix a number of dangerous flaws.
The update was pushed out yesterday for Java for OS X Lion 2012-001 and Java for Mac OS X 10.6.
Security companies had been advising people to disable Java on their Macs after reports of escalating attacks exploiting the flaws.
Earlier in the week, F-Secure identified a variant of the Flashback malware that was exploiting the CVE-2012-0507 Java vulnerability. Oracle released a patch for the flaw in February, but only for Windows. Apple’s update covers a total of 12 flaws, including CVE-2012-0507.
Rumours have indicated another available exploit for an “as-yet unpatched critical flaw in Java” was on sale, F-Secure said. It also warned a different vulnerability, CVE-2011-3521, was being exploited.
“It is strongly recommended to update your Java client to the latest version, disable it when not needed, or better yet, remove it completely if you don’t really need it,” the Finnish firm blogged yesterday.
Mac OS X attacks are still much rarer than Windows hits, but cyber criminals are recognising the value of hitting Apple machines. Last week, security researchers uncovered a never-before-seen Trojan targeting Mac users, known as MacControl. It could exploit a remote code execution vulnerability that existed in the way Microsoft Office Word handled a specially crafted file that includes a malformed record.
How much do you know about security? Test yourself with our quiz.
Microsoft faces formal EU antitrust charges over videoconferencing app Teams after concessions to European Commission…
Workers at New Jersey Apple Store vote against joining union as post-pandemic labour drive at…
Microsoft-backed OpenAI releases new AI model GPT-4o with voice conversation capability, desktop app and updated…
SpaceX prepares fourth Starship test flight, launches more Starlink satellites, shows EVA suit for commercial…
SpaceX and its contractors have left construction bills unpaid in Texas, angering many smaller suppliers,…
US to triple domestic chipmaking capacity and control 30 percent of advanced chips by 2032…