Apple updates Java with security patches

Stephen Withers
Wednesday, 19 May 2010 07:43

Business IT - Security

Apple has released updates for the versions of Java running on Mac OS X 10.5 and 10.6 (Leopard and Snow Leopard). The updates include security fixes.

Java for Mac OS X 10.5 Update 7 and Java for Mac OS X 10.6 Update 2 both deliver improved compatibility, security, and reliability, according to Apple officials.

Java SE 6 is updated to version 1.6.0_20 on both operating systems. 28 security vulnerabilities in Java are addressed by this update, including one or more that may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Two Mac-specific issues that could allow the execution of arbitrary code are also addressed.

The update for Leopard also takes J2SE 5.0 to version 1.5.0_24, and updating Java SE 6 to 1.6.0_20 for 64-bit capable Intel-based Macs. Since J2SE 1.4.2 is no longer being updated, it remains disabled by default.

J2SE 5.0 1.5.0_24 addresses the same set of vulnerabilities as Java SE 6 1.6.0_20.

Oracle (formerly Sun) released Java SE 6 1.6.0_20 in mid April. There is always a delay before the Mac OS X version of a Java update arrives, as it is maintained by Apple rather than Oracle.

The updates can be installed by using Software Update, or downloaded from Apple's Support Downloads page.