Go Back   MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

 
 
Thread Tools Search this Thread Display Modes
Prev Previous Post   Next Post Next
Old Jan 14, 2013, 09:36 AM   #1
MacRumors
macrumors bot
 
Join Date: Apr 2001
Oracle Updates Java 7 to Address Security Vulnerability




On Friday, we noted that Apple had taken the rare step of using its anti-malware tools in OS X to disable existing installations of the Java 7 browser plug-in due to a major security vulnerability that was being actively exploited in the wild. Apple's anti-malware system is capable of enforcing minimum version numbers for plug-ins such as Java and Flash, and Apple simply updated its blacklist information to require that machines be running a higher version of the Java 7 plug-in than was publicly available.

Oracle has now released Java 7 Update 11, and the release notes indicate that it does indeed address the vulnerability. The new release registers with a version string of 1.7.0_11-b21, satisfying Apple's requirement for a minimum version number of 1.7.0_10-b19.

In addition to the fix for the vulnerability, Java 7 Update 11 also sees a change in the default security level setting from "Medium" to "High". Under the new setting, users will be warned before the Java plug-in runs any unsigned application.
Quote:
The default security level for Java applets and web start applications has been increased from "Medium" to "High". This affects the conditions under which unsigned (sandboxed) Java web applications can run. Previously, as long as you had the latest secure Java release installed applets and web start applications would continue to run as always. With the "High" setting the user is always warned before any unsigned application is run to prevent silent exploitation.
Article Link: Oracle Updates Java 7 to Address Security Vulnerability
MacRumors is offline   0 Reply With Quote

 
MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Apple Releases New Java 6 Updates With Enhanced Security, Uninstalls Apple-Provided Java Applet Plug-in MacRumors Mac Blog Discussion 49 Oct 22, 2013 10:58 AM
Oracle Releases Java 7 Update 13 to Address Security Issues, Reenable Web Plug-in on OS X MacRumors MacRumors.com News Discussion 134 Feb 17, 2013 01:40 PM
Oracle Releases Patch to Address Security Vulnerability in Java 7 MacRumors MacRumors.com News Discussion 63 Sep 5, 2012 02:02 PM
Newly-Discovered Java 7 Security Vulnerability Poses Risks to Macs MacRumors MacRumors.com News Discussion 149 Aug 30, 2012 04:16 PM
Apple Updates Java for Lion and Snow Leopard in Sync with Oracle MacRumors MacRumors.com News Discussion 34 Jun 15, 2012 12:38 AM

Forum Jump

All times are GMT -5. The time now is 09:53 PM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC