Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > News > Tech News > Oracle updates Java again to close serious security flaws

Oracle updates Java again to close serious security flaws
Thread Tools
MacNN Staff
Join Date: Jul 2012
Status: Offline
Reply With Quote
Feb 20, 2013, 02:32 PM
 
Oracle has once again released an updated version of Java SE 7 in order to combat serious vulnerabilities that have resulted in malware attacks on both Macs and Windows PCs. The new version, Update 15, comes less than three weeks after the previous patch, and follows an Apple-issued update to Java SE 6 in the wake of hacker attacks against Apple's own employees' work Macs. The new update is said by Oracle to "enhance security" as well as improve performance and stability.

According to company release notes, v7 Update 15 serves as a new security baseline, and will replace Java SE 6 outright on machines that can support using Java SE 7 instead. It also deprecates all use of the original "classic" web plug-in. SE 6 is referred to as being "retired" by the company. Oracle's release notes for Update 15 do not specify how many fixes are included in the update or their exact nature, though it can be presumed to incorporate the same bug fixes as Apple's patch. The previous Oracle update, which was rush-released due to active malware taking advantage of the vulnerabilities, contained fixes to some 50 security holes, almost all of which were browser-based. Apple recently blocked Java in OS X for a second time following concerns that Update 11 still had serious gaps (that were mostly addressed in the later Update 13). The move prevented malware attacks from reaching Macs "in the wild," but may have caused problems for some Mac users, since it broke any websites or apps based on the software. Many Mac users will be completely unaware of the security merry-go-round of recent Java issues, as the Java plug-in likely remains disabled (or even completely absent) from machines running OS X Lion or Mountain Lion. OS X automatically disables the Java web plug-in if it is not used for 31 days, and prompts the user to install an updated copy of Java with an automatic link to the latest version when a user runs across a site that requires Java. JavaScript, a similarly-named technology widely used on the web, is not and has never been affected by the security problems seen recently in Java. Despite the similar name, the language has nothing to do with Java, which is a cross-platform "just in time" compiler for applets that run on common code.
     
   
Thread Tools
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Top
Privacy Policy
All times are GMT -4. The time now is 10:13 PM.
All contents of these forums © 1995-2014 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2014, Jelsoft Enterprises Ltd., Content Relevant URLs by vBSEO 3.3.2