For HomeFor BusinessFor Partners
Industry News
2 min read

Apple Issues Fix for Zero-Day Vulnerability in OS X

Loredana BOTEZATU

September 07, 2012

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Apple Issues Fix for Zero-Day Vulnerability in OS X

The Java vulnerability discovered in August has prompted Apple to issue their own patch for Mac OS X customers. According to this security announcement, the free update for Java for OS X 2012-005 and Java for Mac OS X 10.6 in all Mac OS versions from Snow Leopard to date is available immediately.

The company decided to release its own patch for the Java 0-day vulnerability discovered in August. The fix is therefor available for Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later.

Particularly important is that these Java updates are designed to configure Mac users` web browsers so they won`t automatically run Java applets, but rather inform users which page requires Java and mark the placeholder as “Inactive plug-in” on a web page. If the user trusts the content, they have to click it to activate it.

Apple`s take on restricting the execution of Java content by default, along with the note that “developers should not rely on the Apple-supplied Java runtime being present in future versions of OS X” is another warning sign that the Cupertino-based vendor has had enough from third-party plug-ins. In April, OS X customers were hit by the Flashback Trojan, a piece of malware that also exploited a mega-flaw in Java and that is still affecting users who haven`t updated their vulnerable build.

Apple informs its users that “updating to Java version 1.6.0_35″ is “an opportunity for security-in-depth hardening” and for details redirects them also to Oracle`s official webpage hosting a recently released emergency security patch for the controversial CVE-2012-4681 vulnerability and two others in Java 7 running in web browsers on desktops.

Standalone Java desktop applications and Java running on servers were not vulnerable.

Apple officials note that Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10 “may be obtained from the Software Update pane in System Preferences, or Apple’s Software Downloads web site: http://www.apple.com/support/downloads/” while further “information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222″.

tags

Industry News

Author

Loredana BOTEZATU

Loredana BOTEZATU

A blend of product manager and journalist with a pinch of e-threat analysis, Loredana writes mostly about malware and spam. She believes that most errors happen between the keyboard and the chair.

View all posts

Right now Top posts

How to Protect Your WhatsApp from Hackers and Scammers – 8 Key Settings and Best Practices
How to Tips and Tricks

How to Protect Your WhatsApp from Hackers and Scammers – 8 Key Settings and Best Practices

April 03, 2025

8 min read
Outpacing Cyberthreats: Bitdefender Together with Scuderia Ferrari HP in 2025
Industry News

Outpacing Cyberthreats: Bitdefender Together with Scuderia Ferrari HP in 2025

March 12, 2025

1 min read
Streamjacking Scams On YouTube Leverage CS2 Pro Player Championships to Defraud Gamers
Scam

Streamjacking Scams On YouTube Leverage CS2 Pro Player Championships to Defraud Gamers

February 20, 2025

5 min read
How to Identify and Protect Yourself from Gaming Laptop Scams
Scam Tips and Tricks The Safe Nomad

How to Identify and Protect Yourself from Gaming Laptop Scams

February 11, 2025

5 min read

FOLLOW US ON SOCIAL MEDIA

You might also like

Cybersecurity Grand Prix: VPNs and a 1-2 Race Finish
Cybersecurity Grand Prix

Cybersecurity Grand Prix: VPNs and a 1-2 Race Finish
Bitdefender

December 11, 2024

3 min read
Holiday Shopping and the Dark Market Parallel
Tips and Tricks

Holiday Shopping and the Dark Market Parallel
Bitdefender

December 04, 2024

4 min read
Track Guide to Las Vegas: Cybersecurity Edition
Cybersecurity Grand Prix

Track Guide to Las Vegas: Cybersecurity Edition
Bitdefender

November 19, 2024

3 min read

Bookmarks

loader