The Java vulnerability discovered in August has prompted Apple to issue its own patch for Mac OS X customers. According to this security announcement, the free update, Java for OS X 2012-005 and Java for Mac OS X 10.6, is available immediately for all Mac OS versions from Snow Leopard to date.
The company decided to release its own patch for the Java 0-day vulnerability discovered in August. The fix is therefore available for Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, and OS X Mountain Lion 10.8 or later.
Particularly important is that these Java updates are designed to configure Mac users' web browsers so they won't automatically run Java applets, but rather inform users which page requires Java and mark the placeholder as “Inactive plug-in” on a web page. If the user trusts the content, they have to click it to activate it.
Apple's take on restricting the execution of Java content by default, along with the note that “developers should not rely on the Apple-supplied Java runtime being present in future versions of OS X”, is another warning sign that the Cupertino-based vendor has had enough of third-party plug-ins. In April, OS X customers were hit by the Flashback Trojan, a piece of malware that also exploited a mega-flaw in Java and that is still affecting users who haven't updated their vulnerable build.
Apple informs its users that “updating to Java version 1.6.0_35” is “an opportunity for security-in-depth hardening” and, for details, also directs them to Oracle's official webpage hosting a recently released emergency security patch for the controversial CVE-2012-4681 vulnerability and two others in Java 7 running in web browsers on desktops.
Standalone Java desktop applications and Java running on servers were not vulnerable.
Apple officials note that Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10 “may be obtained from the Software Update pane in System Preferences, or Apple’s Software Downloads web site: http://www.apple.com/support/downloads/” while further “information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222”.
A blend of product manager and journalist with a pinch of e-threat analysis, Loredana writes mostly about malware and spam. She believes that most errors happen between the keyboard and the chair.