Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC NetApp Digital Newsroom WatchGuard Digital Newsroom Cisco Partner Summit Digital 2020 HPE Zone The Business Continuity Center Enterprise Tech Provider Masergy Zenith Partner Program Newsroom Hitachi Vantara Digital Newsroom IBM Newsroom Juniper Newsroom Intel Partner Connect 2021 Avaya Newsroom Experiences That Matter The IoT Integrator NetApp Data Fabric Intel Tech Provider Zone

Apple Patches Malware-Targeted Java Bug

Apple has released a fix for multiple Java vulnerabilities that could enable criminals to execute code on a Mac without the user having to enter a password.

Apple launched Java for OS X Lion 2012-001 and Java for Mac OS X 10.6 Update 7 almost two months after patches for the same exploits were released for Windows. Experts often criticize the Mac maker for taking too long to patch Java vulnerabilities.

Apple's delay in getting out patches has led to security vendors recommending Mac owners disable Java and use the technology only as needed. "Mac users and IT admins for Macs should review whether Java is actually needed for their usage," Wolfgang Kandek, chief technology officer for security vendor Qualys, said in the Redwood Shores, Calif.-based company's blog.

[Related: 2012 Partner Programs Guide: 5-Star Security Vendors ]

The latest Apple updates are for Mac OS X v10.6.8 and OS X Lion v10.7.3, including the sever versions. The patches fix Java 1.6.0_29. For detailed information on the flaws, Cupertino, Calif.-based Apple recommends going to the site of Java-owner Oracle.

The most serious vulnerabilities enable a cyber-criminal to execute code on a Web browser, including Apple Safari, when a person visits a compromised Web site. Crooks can run the code on a Mac without requiring the user to enter a password.

Helsinki, Finland-based F-Secure reported Monday that a variant of the Flashback malware exploiting unpatched Java on the Mac had been spotted on the Internet. Flashback, which targets the Safari and Firefox Web browsers, is designed to steal passwords to online banking and other Web sites visited by people with an infected Mac.

Back to Top



    trending stories

    sponsored resources