iTWire - Apple's tardy Java update arrives

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Apple's tardy Java update arrives

Apple's tardy Java update arrives

E-mail

by Stephen Withers
Tuesday, 16 June 2009
Apple has finally got around to updating the Mac OS X version of Java, fixing a worrying vulnerability that's been lingering for months. Featured Whitepaper 5 Best Practices for Smartphone Support Late last year, Sun addressed a vulnerability in Java that allowed applets in web pages to escape the Java sandbox and ultimately run with whatever privileges an attacker wants. When Mac OS X 10.5.7 arrived last month without a corresponding update, Julien Tinnes, a colleague of the original discoverer went public on the issue. The vulnerability was especially significant as a reliable exploit could be written in Java to work on any hardware, operating system or browser. "This is close to the holy grail of client-side vulnerabilities," said Tinnes. Now Apple has released Java for Mac OS X 10.5 Update 4 and Java for Mac OS X 10.4 Update 9 which address this and other vulnerabilities. A substantial proportion of the issues have been known since 2008. The updater for 10.4 addresses 52 vulnerabilities, 28 in Java 1.5 and 24 in Java 1.4. It updates to Java 1.5.0_19 and 1.4.2_21. The 10.5 updater addresses an overlapping set of 53 vulnerabilities in Java 1.4 and 1.5, 28 in Java 1.6, plus another set that are specific to Java 1.5 on Mac OS X 10.5. That last group relates to Aqua Look and Feel for Java, and may allow an applet to gain elevated privileges. The fix works by denying access to internal details of Aqua Look and Feel by untrusted applets. Apple's Java Preferences utility allows a user to specify which of the installed Java Virtual Machines will be loaded. This allows the use of applets and applications that require an older JVM. Tags See All Tags Apple Applet Exploit Java Mac OS X Patch Patches Security Sun Microsystems Vulnerability Powered By Joomla Tags Please enable JavaScript in your browser to post your comment!

< Next story in category

Sponsored Releases

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

British Airways selects Progress Software SOA Solutions to upgrade the travel experience

...Promote your press-releases here

Latest jobs

User Experience Architect (C4)
Consulting Services Branch Manager
Process Analyst X 4 (M4)
Content Co-Ordinator (M3)
Senior .Net Developer (M3)
Business Analyst (M17)
Test Lead
Senior Business Analyst
Business Analyst - Financial Markets, Ops focus
Technical Business Analyst - BI & DW - Contract

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking