Just a day after reports spread about a Java-based Trojan horse that could install itself on your Mac without requiring that you enter a password, Apple has released Java for OS X Lion 2012-001 and Java for Mac OS X 10.6 Update 7.
The updates, which are available for Mac OS X 10.6.8 Snow Leopard and 10.7.3 Lion (including both OSes' Server editions), patch multiple vulnerabilities in Java 1.6.0_29--including some that could allow malicious code to run on your Mac outside of the Java sandbox, triggered merely by your visiting a webpage containing the right nefarious code.
For full details on the update, Apple points to Oracle. The update patches no fewer than a dozen vulnerabilities, including the one exploited most recently in the newly-discovered Flashback Trojan horse variant. The security holes in question were patched for Windows users back in February; Apple has long been criticized for lagging behind Windows in such areas.
The patches are available from Apple's website or via Software Update.
No comments yet.
Leave a comment
You must be logged in to post a comment.
Trackbacks are disabled.