Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple Releases New Java 6 Updates With Enhanced Security, Uninstalls Apple-Provided Java Applet Plug-in

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
63,544
30,853



java.png
Apple today released updated versions of Java 6 for OS X, bringing additional improvements to security, reliability, and compatibility. This is a standard update to Java 6, which is distributed by Apple. Java 7 is available through Oracle.
Java for OS X 2013-005 delivers improved security, reliability, and compatibility for Java SE 6. Java for OS X 2013-005 supersedes all previous versions of Java for OS X.

This release updates the Apple-provided system Java SE 6 to version 1.6.0_65 and is for OS X versions 10.7 or later.

This update uninstalls the Apple-provided Java applet plug-in from all web browsers. To use applets on a web page, click on the region labeled "Missing plug-in" to go download the latest version of the Java applet plug-in from Oracle.
Click to expand...
There are separate updates available for both OS X Snow Leopard and OS X Lion/Mountain Lion, which can be downloaded through the Mac App Store or from Apple's software download site.

On its support page that explains the software update, Apple notes that multiple vulnerabilities in the previous version of Java were repaired.
Description: Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65.
Click to expand...
Apple has also released new printer drivers for HP and Canon printers.

Article Link: Apple Releases New Java 6 Updates With Enhanced Security, Uninstalls Apple-Provided Java Applet Plug-in
 
Article Link
https://www.macrumors.com/2013/10/15/apple-releases-new-java-6-updates-with-enhanced-security-uninstalls-apple-provided-java-applet-plug-in/
M

Makosuke

macrumors 604
Aug 15, 2001
6,662
1,242
The Cool Part of CA, USA
To my knowledge there has never been a situation where a software update removing an existing feature was such a positive thing for the world at large.

Pulling the plug on the default plug-in and forcing people who really want it to go and get it from Oracle is very good security news. One hopes (and expects) that the majority of everyday users won't ever bother downloading the plugin from Oracle, which will effectively close the gaping hole Java left in the browser.
 
D

dempson

macrumors regular
Jun 10, 2007
117
14
Wellington, New Zealand
MACRM32 said:
Why not simply move to Java 7? Having two separate versions installed seems archaic.
Click to expand...

I gather some Java apps have compatibility issues which prevent them working with Java 7, so Java 6 is still needed in some cases.

A second reason is that Java 7 requires Lion or later, and Apple is still providing Java 6 updates for Snow Leopard. If Apple is doing Java 6 updates for Snow Leopard anyway, it is probably only a small amount of additional work to distribute them for Lion and Mountain Lion.

Oracle stopped doing public releases of Java 6 updates (e.g. for Windows) early this year - their last public version is 1.6.0_45, but Apple has subsequently released 1.6.0_51 and now 1.6.0_65. I expect Oracle are still releasing Java 6 updates to those who are paying for support, and their agreement allows Apple to release those updates to Mac users.

Once Apple stops releasing new security updates for Snow Leopard (likely to be before the end of this year), they would probably also stop updating Java 6 for Snow Leopard, and that might mean they stop updating Java 6 for Lion and later.
 
Last edited:
Rocketman

Rocketman

macrumors 603
Dec 2, 2001
6,191
1,186
Claremont, The intellectual capitol of the world.
Really. How hard would it be for Apple to compile a version for the last 5 or so major OS releases so older devices that were recently DISABLED by Apple can simply be re-enabled to shipping capacity. I had a Java app which was mission critical simply stop working on OSX 10.4.11 which is very widely deployed.

/ valid complaint /

And, yes, I have modern computers too. :D
 
djtech42

djtech42

macrumors 65816
Jun 23, 2012
1,447
56
Mason, OH
The Java web plugin is probably the biggest security threat to OS X. It's best if we try to move away from having to use these Java applets.
 
9

9000

macrumors 6502a
Sep 29, 2013
519
0
Hyrule
MACRM32 said:
Why not simply move to Java 7? Having two separate versions installed seems archaic.
Click to expand...

Big compatibility issues with some things. I've been sticking with 6 because 7 was causing problems.

----------

"This update uninstalls the Apple-provided Java applet plug-in from all web browsers. To use applets on a web page, click on the region labeled "Missing plug-in" to go download the latest version of the Java applet plug-in from Oracle."

Well that's annoying. I don't even care and don't bother to install these updates that go around disabling my plugins. I remember when you used to be able to use Java on a site without pressing "allow" on 5 different windows that pop up sporadically.

----------
ohbrilliance said:
Poor Java is getting a bad name. The security issues are specific to the Java browser plug-in. Java as a language is fine.
Click to expand...

It's not fine once you're running its "compiled" code. Total RAM hog. It's also really tough to make any GUI look good with Java. Sure, it's good for TD Ameritrade's online tools...

----------
Rocketman said:
Really. How hard would it be for Apple to compile a version for the last 5 or so major OS releases so older devices that were recently DISABLED by Apple can simply be re-enabled to shipping capacity. I had a Java app which was mission critical simply stop working on OSX 10.4.11 which is very widely deployed.

/ valid complaint /

And, yes, I have modern computers too. :D
Click to expand...

You mean that the security update on Tiger machines disabled Java and didn't let you use it at all?
 
J

JLL

macrumors regular
Apr 25, 2003
211
152
Copenhagen, Denmark
Why do we have to have the same article every time?

The removal of the plug-in was introduced in October 2012 when Java 1.6.0_37 was released, and there have been many updates in the last year.

Apple is just reusing the text in the KB and there is nothing new with regards to the plug-in in this update.
 
ohbrilliance

ohbrilliance

macrumors 65816
May 15, 2007
1,010
355
Melbourne, Australia
9000 said:
It's not fine once you're running its "compiled" code. Total RAM hog. It's also really tough to make any GUI look good with Java. Sure, it's good for TD Ameritrade's online tools...
Click to expand...

I meant it's fine in terms of security. The merits of Java as a language belong in another discussion.
 
T

TsMkLg068426

macrumors 65816
Mar 31, 2009
1,499
343
I removed Java on my Mac OS 10.8.5 a while ago I felt there was no use to it and always a problem plus how many sites still use Java?
 
D

DOSNET

macrumors member
Aug 21, 2013
58
0
TsMkLg068426 said:
I removed Java on my Mac OS 10.8.5 a while ago I felt there was no use to it and always a problem plus how many sites still use Java?
Click to expand...

Java, like Flash, was primarily used when the internet couldn't do a whole lot on its own. HTML5 and modern JavaScript has made the two mostly obsolete. However, offline Java still has its uses. It's one of many ways to produce cross-platform code. There are more native alternatives such as Qt and WXWidgets that don't come with the performance penalties of Java though, so even that advantage isn't as strong as it once was.
 
R

RayK

macrumors 6502
Oct 13, 2005
345
15
Also, the new release doesn't appear to disable it if you have already gone to the trouble to reenable it via the command line instructions I posted a bit earlier.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom