Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple Again Blocks Older Versions of Java Over Vulnerability

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
63,490
30,731



java.png
Apple has again remotely blocked some versions of Oracle's Java browser plugin because of vulnerabilities according to 9to5Mac.

The blockage, which was announced internally to AppleCare and Apple Retail employees, is because of an "unspecified vulnerability" and Apple has blocked Java 6 versions below update 51, and Java 7 versions below update 25.

At the beginning of this year, Apple blocked Java plug-ins in Safari several times because of unfixed vulnerabilities. Oracle has typically updated Java fairly quickly to remedy the vulnerabilities.

Users are strongly advised to ensure they have the latest versions of Java.

Article Link: Apple Again Blocks Older Versions of Java Over Vulnerability
 
Article Link
https://www.macrumors.com/2013/08/29/apple-again-blocks-older-versions-of-java-over-vulnerability/
Nermal

Nermal

Moderator
Staff member
Dec 7, 2002
20,632
3,987
New Zealand
Since the article doesn't mention it... update 25 is the current version so unlike one of Apple's earlier blocks, this one already has a fix available.
 
H

H2SO4

macrumors 603
Nov 4, 2008
5,651
6,937
I find it odd how they've reacted to this so fast but have dragged their heels on the core text exploit that they've known about for ages.
 
B

Bitmin1991

macrumors member
Aug 25, 2013
32
0
vmachiel said:
What do you mean? I have the Java 7 RE installed, that's the same thing right?
Click to expand...

Nope. If you install Ubuntu via VirtualBox then install Java onto that virtual machine, then that Java instsll doesn't touch OS X. If anything happens then all you need to do is delete that virtual machine and start anew.
 
baryon

baryon

macrumors 68040
Oct 3, 2009
3,877
2,924
I have the latest version of Java yet it hasn't worked for about 4 months. Websites just say I don't have Java installed, when in fact I do. It's enabled in Safari and all. Anyone have an idea of what's going on?
 
Mr. Retrofire

Mr. Retrofire

macrumors 603
Mar 2, 2010
5,064
518
www.emiliana.cl/en
S

subsonix

macrumors 68040
Feb 2, 2008
3,551
79
Bitmin1991 said:
Nope. If you install Ubuntu via VirtualBox then install Java onto that virtual machine, then that Java instsll doesn't touch OS X. If anything happens then all you need to do is delete that virtual machine and start anew.
Click to expand...

The problem here is the browser plugin though, an applet can be run by any website. Using the Java environment on your local machine, runs local code.
 
Weaselboy

Weaselboy

Moderator
Staff member
Jan 23, 2005
34,133
15,596
California
reckless2k2 said:
I think the question is whether it requires an update to run or if this is something Apple silently pushes down like how it updates the panel on an Apple TV with new icons.
Click to expand...

It is done in the background with an update to the below XProtect plist file.

Code: 
/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta.plist
 
V

vmachiel

macrumors 68000
Feb 15, 2011
1,772
1,440
Holland
Bitmin1991 said:
Nope. If you install Ubuntu via VirtualBox then install Java onto that virtual machine, then that Java instsll doesn't touch OS X. If anything happens then all you need to do is delete that virtual machine and start anew.
Click to expand...

I see. Well, I'd like to run a minecraft server on my mac, so i'll leave it in os x then.
 
scbn

scbn

macrumors 6502
Jul 25, 2010
272
22
Java has become a pain... like all the Adobe products now, you have to update almost every week (sometimes more than once a week).
 
C

C DM

macrumors Sandy Bridge
Oct 17, 2011
51,390
19,458
scbn said:
Java has become a pain... like all the Adobe products now, you have to update almost every week (sometimes more than once a week).
Click to expand...
Yup, like the last update for Java was just yesterday...over 2 months ago (and the last Adobe Reader update was months ago). ;)
 
phoenixsan

phoenixsan

macrumors 65816
Oct 19, 2012
1,342
2
The fact about.....

all the vulnerabilities, malware and things like this shows to me some things:

1-Apple hardware and software comes back to interest
2- No more about 100% truth on the old "Apple computers dont get viruses or not are being attacked"
3-The need for safe computer practices, not only on bussiness, enterprise or goverment enviroments, but also in family and personal venues.....


:):apple:
 
iDuel

iDuel

macrumors 6502a
Jul 20, 2011
775
97
Greece/USA
phoenixsan said:
all the vulnerabilities, malware and things like this shows to me some things:

1-Apple hardware and software comes back to interest
2- No more about 100% truth on the old "Apple computers dont get viruses or not are being attacked"
3-The need for safe computer practices, not only on bussiness, enterprise or goverment enviroments, but also in family and personal venues.....


:):apple:
Click to expand...

Correct me if I am wrong, but this Java vulnerability has nothing to do with the OS, as this probably exists on Windows too. It's not a case of Apple software, as Apple doesn't develop Java, they cannot make sure that it is 100% solid.

Apple could make a solid OS, and someone could still install a version of Adobe Flash, Java, Silverlight, etc. that has a known vulnerability and take advantage of the permissions it obtains.

I'm not saying that we shouldn't take responsibility for our computer's security, it's just that you are barking up the wrong tree in this case.
 
phoenixsan

phoenixsan

macrumors 65816
Oct 19, 2012
1,342
2
Barking?....

iDuel said:
Correct me if I am wrong, but this Java vulnerability has nothing to do with the OS, as this probably exists on Windows too. It's not a case of Apple software, as Apple doesn't develop Java, they cannot make sure that it is 100% solid.

Apple could make a solid OS, and someone could still install a version of Adobe Flash, Java, Silverlight, etc. that has a known vulnerability and take advantage of the permissions it obtains.

I'm not saying that we shouldn't take responsibility for our computer's security, it's just that you are barking up the wrong tree in this case.
Click to expand...

I am not a dog, pal......And the thing is, the exploit become famous in Mac OS. No doubt by the delayed update of Java by the Apple people....
 
iDuel

iDuel

macrumors 6502a
Jul 20, 2011
775
97
Greece/USA
phoenixsan said:
I am not a dog, pal......And the thing is, the exploit become famous in Mac OS. No doubt by the delayed update of Java by the Apple people....
Click to expand...

I'm sorry if you were offended by a figure of speech, but that isn't the point. By your post, it seemed that you were blaming Apple for the vulnerability, yet Apple is not Oracle, so there wasn't a single thing Apple could have done to prevent this.

Apple did what they could do in this case by blocking the older, more vulnerable versions.
 
phoenixsan

phoenixsan

macrumors 65816
Oct 19, 2012
1,342
2
iDuel said:
I'm sorry if you were offended by a figure of speech, but that isn't the point. By your post, it seemed that you were blaming Apple for the vulnerability, yet Apple is not Oracle, so there wasn't a single thing Apple could have done to prevent this.

Apple did what they could do in this case by blocking the older, more vulnerable versions.
Click to expand...

Apple lags behind Oracle official releases....That is a fact and a decision by Apple....No figure of speech or fanboyness....


:):apple:
 
chrfr

chrfr

macrumors G5
Jul 11, 2009
13,517
7,034
phoenixsan said:
Apple lags behind Oracle official releases.
Click to expand...

That wasn't the case for the most recent Java updates. Presumably Apple has figured out that it's a big problem for them to be so late with the patch releases.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom