Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > News and Article Discussion > Mac Blog Discussion

Reply
 
Thread Tools Search this Thread Display Modes
Old Mar 4, 2013, 04:11 PM   #1
MacRumors
macrumors bot
 
Join Date: Apr 2001
Apple Releases Java Update to Fix New Zero-Day Vulnerability




Apple has pushed a new release of Java 6 that fixes a new vulnerability discovered just a few days ago. Somewhat confusingly, Apple delivers updates to Java 6, while Oracle delivers updates directly to Java 7 users.

InformationWeek reports:
Quote:
"We detected a brand new Java zero-day vulnerability that was used to attack multiple customers," FireEye security researchers Darien Kindlund and Yichong Lin said in a blog posted Thursday. "Specifically, we observed successful exploitation against browsers that have Java v1.6 update 41 and Java v1.7 update 15 installed," they said, referring to the two most recently released versions of Java 6 and Java 7.
Lion and Mountain Lion users should download Java for OS X 2013-002. This file updates Java SE 6 to 1.6.0_43, the latest version released by Oracle. Snow Leopard users will download Java for Mac OS X 10.6 Update 14, which delivers the same version of Java 6.

The last update for both Java 6 and 7 was released in mid-February to fix a different security vulnerability.

Article Link: Apple Releases Java Update to Fix New Zero-Day Vulnerability
MacRumors is offline   1 Reply With Quote
Old Mar 4, 2013, 04:14 PM   #2
street.cory
macrumors 6502
 
Join Date: Oct 2009
I can't wait for the day that I see "Java and Adobe Flash Discontinued" on the MR home page.
__________________
no one cares

street.cory is offline   6 Reply With Quote
Old Mar 4, 2013, 04:21 PM   #3
Northgrove
macrumors 6502a
 
Join Date: Aug 2010
Java is like a zombie that just won't die. Aim for the head!
__________________
iPhone 5 rMBP 15" (2012)
Northgrove is offline   5 Reply With Quote
Old Mar 4, 2013, 04:22 PM   #4
jlc1978
macrumors 65816
 
Join Date: Aug 2009
In other news, somebody called to d/l 4000 copies...
jlc1978 is offline   5 Reply With Quote
Old Mar 4, 2013, 04:28 PM   #5
keysofanxiety
macrumors 65816
 
keysofanxiety's Avatar
 
Join Date: Nov 2011
Location: In a house that defies physics by being colder than absolute zero.
I'm sure Java's had more security issues in this past week than OS X has in a decade
keysofanxiety is online now   8 Reply With Quote
Old Mar 4, 2013, 05:19 PM   #6
Negritude
macrumors regular
 
Join Date: Jul 2011
The thing I'm still wondering about is the Java 6 EOL. Is this the last update, or will Apple continue to patch via an enterprise agreement of some sort?
Negritude is offline   0 Reply With Quote
Old Mar 4, 2013, 05:26 PM   #7
daneoni
macrumors G4
 
daneoni's Avatar
 
Join Date: Mar 2006
Glad i don't have to rely on Java and consequently don't have it installed.
__________________
15" rMBP Core i7 | 27" ACD | AEBS | 5G iPod | iPhone 5S | 3G Apple TV | rMini
daneoni is offline   1 Reply With Quote
Old Mar 4, 2013, 05:48 PM   #8
cntwtfrmynwmbp
macrumors member
 
Join Date: Jun 2012
So I thought Java 6 isn't supported anymore by Apple.

Nevertheless there is a security update every week...

When is the support from Apple going to be suspended?
cntwtfrmynwmbp is offline   0 Reply With Quote
Old Mar 4, 2013, 06:01 PM   #9
Undecided
macrumors 6502a
 
Join Date: Mar 2005
Quote:
Originally Posted by Northgrove View Post
Java is like a zombie that just won't die. Aim for the head!
I did - poof! Wiped it off both Macs, both the plug-in and JVM.
Undecided is offline   0 Reply With Quote
Old Mar 4, 2013, 06:09 PM   #10
C DM
macrumors G4
 
Join Date: Oct 2011
Quote:
Originally Posted by Negritude View Post
The thing I'm still wondering about is the Java 6 EOL. Is this the last update, or will Apple continue to patch via an enterprise agreement of some sort?
It sounds like as long as Oracle will release updates for Java 6 (which they are probably hoping to stop, as they did with the update before this one), Apple will release them too, at the very least to keep up with the safety part that the updates would offer (since there's no chance they would be released for anything other than some sort of an exploited and/or large security issue).
C DM is offline   0 Reply With Quote
Old Mar 4, 2013, 06:15 PM   #11
kyjaotkb
macrumors 6502
 
Join Date: Nov 2009
Location: Paris, France
Cool! A 50MB "critical" update !
__________________
13" MBA '11, 1.7/4/256 ; 16GB iPad 4 Wifi ; 16GB 3GS ; 160GB iPod Classic '07 ; 8GB nano 3G ; 1GB Shuffle 2G
kyjaotkb is offline   1 Reply With Quote
Old Mar 4, 2013, 06:35 PM   #12
TsMkLg068426
macrumors 6502a
 
Join Date: Mar 2009
In another new Mac OS X 10.8.3 will be available for download in few days.
__________________
21.5" iMac, 2.7GHz, Intel Core i5, 4GB Memory, 1 TB HD, Mac OS X Lion 10.7.2; 32 GB iPod Touch iOS 5.0.1
TsMkLg068426 is offline   0 Reply With Quote
Old Mar 4, 2013, 06:45 PM   #13
sexiewasd
macrumors regular
 
Join Date: Mar 2012
Location: Back in Your Head
I really hate/love Java. It's wonderful to code in. It stays out of your way and let's you do some really crazy/stupid things and have a lot of fun, but the down side is that it lets you do some really crazy/stupid things. It's a lot like PHP in that way, and like PHP I don't think it has any hope of ever being secure in any reasonable sense of the word. It's a shame, but I think that with Oracle at the helm, it's time to put it out of it's misery.
sexiewasd is offline   0 Reply With Quote
Old Mar 4, 2013, 07:26 PM   #14
ArtOfWarfare
macrumors 603
 
ArtOfWarfare's Avatar
 
Join Date: Nov 2007
Send a message via Skype™ to ArtOfWarfare
I love quickly putting together ugly little apps for work that run on everyone's machines in Java. I understand that the apps it produces never look as nice as native OS X ones, but is it really that bad? If Java didn't run on OS X, I suspect there'd be many apps that wouldn't run on OS X, period. Few developers would decide to go through the effort of making a full OS X app just to satisfy the few people who stubbornly insist on using OS X and not having a copy of Windows emulated or something.
__________________
Don't tell me Macs don't last: 2007 iMac, 2007 Mac Mini, 2008 MacBook Air, all Vintage.
(iMac obsoletion: April 28, 2015, MBA: October 14, 2015, Mac Mini: March 9, 2016)
ArtOfWarfare is offline   2 Reply With Quote
Old Mar 4, 2013, 07:51 PM   #15
FloatingBones
macrumors 65816
 
FloatingBones's Avatar
 
Join Date: Jul 2006
Quote:
Originally Posted by ArtOfWarfare View Post
I love quickly putting together ugly little apps for work that run on everyone's machines in Java. I understand that the apps it produces never look as nice as native OS X ones, but is it really that bad? If Java didn't run on OS X, I suspect there'd be many apps that wouldn't run on OS X, period. Few developers would decide to go through the effort of making a full OS X app just to satisfy the few people who stubbornly insist on using OS X and not having a copy of Windows emulated or something.
The issue is not deploying Java apps; the issue is running Java apps in the browser. If someone wants to distribute Java apps, that's fine. If Apple supported the distribution of Java code via the Mac App Store, that would be even better. Kudos to Adobe for their Flash packager for allowing Flash code to be packaged and distributed to the various App Stores.

We had some it "professionals" say that they see no issue running Java/Flash code in the browser in other discussions here. I do not understand this casual (actually, promiscuous) attitude. It's kinda like those folks don't see the value of washing their hands when using the bathroom.

Last edited by FloatingBones; Mar 4, 2013 at 09:41 PM.
FloatingBones is offline   1 Reply With Quote
Old Mar 4, 2013, 09:49 PM   #16
pellets007
macrumors 6502a
 
pellets007's Avatar
 
Join Date: Jan 2009
Location: West Point
Broke a lot of things for me. There's another twenty minutes down the drain, signing up for an Oracle account and downloading the previous version. Ugh.
pellets007 is offline   0 Reply With Quote
Old Mar 4, 2013, 10:16 PM   #17
Steve.P.JobsFan
macrumors 6502a
 
Join Date: Jan 2010
Location: Bowling Green, OH
Quote:
Originally Posted by jlc1978 View Post
In other news, somebody called to d/l 4000 copies...
I see what you did there.
__________________
iPhone | 6 Plus | 128GB | Space Gray | GSM
iPad Air | Black | 32GB | Wi-Fi + LTE
iMac | Core i5 2.7 GHz | 12GB RAM |Radeon 6770 (512MB VRAM)
Apple TV | 3rd Generation
Steve.P.JobsFan is offline   0 Reply With Quote
Old Mar 5, 2013, 03:20 AM   #18
Truffy
macrumors 6502a
 
Truffy's Avatar
 
Join Date: May 2005
Location: somewhere outside your window...
Imagine my unmitigated joy when I reinstalled CS5 recently to be informed that I needed to install Java first.
__________________
Too much stuff
Not enough stuff
Truffy is offline   0 Reply With Quote
Old Mar 5, 2013, 06:15 AM   #19
harrisondavies
macrumors regular
 
Join Date: Nov 2010
6.66 MB update...that doesn't bode well.
harrisondavies is offline   0 Reply With Quote
Old Mar 5, 2013, 08:30 AM   #20
unplugme71
macrumors 65816
 
Join Date: May 2011
Quote:
Originally Posted by FloatingBones View Post
The issue is not deploying Java apps; the issue is running Java apps in the browser. If someone wants to distribute Java apps, that's fine. If Apple supported the distribution of Java code via the Mac App Store, that would be even better. Kudos to Adobe for their Flash packager for allowing Flash code to be packaged and distributed to the various App Stores.

We had some it "professionals" say that they see no issue running Java/Flash code in the browser in other discussions here. I do not understand this casual (actually, promiscuous) attitude. It's kinda like those folks don't see the value of washing their hands when using the bathroom.
I don't wash my hands in public restrooms, unless everything is automated. I rather use hand sanitizer before/after bathroom use than touch something that is probably filled with tons of bacteria. Even door handles I open using my sleeve or grab a napkin prior to walking in/out.
unplugme71 is offline   0 Reply With Quote
Old Mar 5, 2013, 08:46 AM   #21
justperry
macrumors 603
 
justperry's Avatar
 
Join Date: Aug 2007
Location: 7 Km South of an active upside down (boat) volcano.
Quote:
Originally Posted by kyjaotkb View Post
Cool! A 50MB "critical" update !
63+ on that link, but I agree, yet another download, can't they do a supplemental download.
Doesn't show up in my SU.

Quote:
Originally Posted by unplugme71 View Post
I don't wash my hands in public restrooms, unless everything is automated. I rather use hand sanitizer before/after bathroom use than touch something that is probably filled with tons of bacteria. Even door handles I open using my sleeve or grab a napkin prior to walking in/out.
Oh, and back home you do the dishes with a sponge which has been proven to carry the most bacteria.

Not washing hands dirty!
justperry is offline   0 Reply With Quote
Old Mar 5, 2013, 04:36 PM   #22
haravikk
macrumors 65816
 
Join Date: May 2005
Quote:
Originally Posted by ArtOfWarfare View Post
I love quickly putting together ugly little apps for work that run on everyone's machines in Java. I understand that the apps it produces never look as nice as native OS X ones, but is it really that bad? If Java didn't run on OS X, I suspect there'd be many apps that wouldn't run on OS X, period. Few developers would decide to go through the effort of making a full OS X app just to satisfy the few people who stubbornly insist on using OS X and not having a copy of Windows emulated or something.
You don't have to use Java for the entire app; there are plenty of great little apps that use Java to provide all the basic functionality in the background, but use a native UI to present it; this means all you need to do is develop a native UI for each platform but can keep the basic code in Java. It's not my own favourite way of doing it, but it's one of the things that Java is good for.

It's also good for quickly developing server programs that need a bit more control than code written on a scripted platform like PHP, Ruby on Rails etc.

For applets it is just awful; the load times alone (seemingly irrespective of hardware and connection speed) make it pretty horrible, but there's just so few reasons to use Java applets for anything anymore, but unfortunately lots of in-house solutions seemingly loved it (and still do). A lot of universities seem to use it for some reason too.
__________________
"Early 2008" MacPro, 2 x 3.2ghz Quad-Core Xeons, 10gb DDR2 800mhz ECC RAM, 120gb Solid State Drive (Mac & Windows OS), 4 x 750gb hard-drives (striped, users/files), NVidia GeForce 8800GT (512mb).
haravikk is offline   0 Reply With Quote

Reply
MacRumors Forums > News and Article Discussion > Mac Blog Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Apple Releases OS X 10.9.2 With Fix for Major SSL Vulnerability, FaceTime Audio MacRumors MacRumors.com News Discussion 471 Mar 18, 2014 07:06 PM
Adobe Releases 'Critical' Update for Flash After Security Vulnerability Discovered MacRumors Mac Blog Discussion 92 Feb 10, 2014 12:29 PM
Apple Releases iMac EFI Update 2.0 to Fix Sleep and Thunderbolt Issues MacRumors Mac Blog Discussion 20 Jan 5, 2013 12:11 AM
Apple Releases 'Mac Wi-Fi Update 1.0' to Fix 5GHz Wi-Fi Issue MacRumors Mac Blog Discussion 18 Dec 19, 2012 03:11 AM
Oracle Releases Patch to Address Security Vulnerability in Java 7 MacRumors MacRumors.com News Discussion 63 Sep 5, 2012 01:02 PM

Forum Jump

All times are GMT -5. The time now is 02:55 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC