Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Java for Mac OS X 10.5 Update 4, v1.0 is out!

For what it's worth, I got my new unibody MBP in the mail today... first thing I did was run software update, downloaded 11 (java included) and the java installation failed. Computer restarted, ran a second time and it worked. So I thought it was a one time issue. Turned on my second gen MBP, only update available was the java and it failed as well. Tried again, another fail. Tried a third time, worked like a charm. The two computers were made, what, 3 - 4 years apart? Come on apple, try testing this on a few devices before letting it out the gates. lame.
 
FWIW it worked perfectly on my Aluminum MB and my mid-2007 Aluminum iMac. I made sure to run disk utility before and after in both and had no other programs open.
 
Eric S. said:
These are not viruses, they are Trojans. Trojans require the user to actively install the malware on his or her system. The bottom line is that you shouldn't install software from an untrusted site.
Click to expand...
I think you're missing the point. They (obstensibly) refute claims that Macs are immune to malware. The great unwashed out there doesn't differentiate between trojans, viruses etc. Besides, if the user is running with admin priviledges will the trojan install without warning? I don't know for sure as I always run a standard account and so get prompted to install software.

One thing about that article made me question the whole report to some estent:
The attacks - dubbed OSX/Tored-A and OSX/Jahlav-C - were discovered in email messages and on popular internet porn sites. The porn site attack directs users to download a "missing Video ActiveX Object"
Click to expand...
The first part suggests that they're OS X specific, but ActiveX plug-ins are, to my knowledge at least, only applicable to IE (Windows). Odd.
 
ztigerpaw said:
Better late then never. :D
Click to expand...

We all should all rejoice we have the wisdom of The Great Apple who knows the best how much uncertainty and doubt its minions should humanly bare. It is not a day before The Great Apple shall bless us and relieve us from those feelings of suffering.
 
Most trojans (or all apps in general) still require admin passwords to install despite being on an admin account.
 
m85476585 said:
I know, but Windows still needs to be rebooted for most updates, and a lot of software installations. At least OS X doesn't have to reboot to install most programs. Plus, rebooting Windows every so often can help speed things up, while the same is no necessarily true with OS X since rebooting clears the recently closed program cache from memory.
Click to expand...

actually it seems like pretty much every time a software update is released from apple i have to restart. on my windows desktop i really only have to restart once a month on patch tuesday.
 
Razeus said:
Downloading. Only because I love downloading software updates, even though I notice no difference after the patch. Leopard ran fine with 10.5 as far as I've ever been concerned.

Anyways, I guess nothing really happened out of this patch, because I've never, nor have I known anyone, to have issues as a result of not having this patch.

Internet security is way over rated on the individual consumer level.
Click to expand...

Without this fix, if you had Java enable in your browser, ANY site could potentially run commands with your user privileges. That is a big issue. You reach a site, and it runs rm -rf on your desktop, and everything is gone (you could always recover from backups, if you have them but why?). A website could also potentially access your files too if I'm not mistaken.

I disabled java in my browser after hearing about this vulnerability. Most sites I browse are the ones I trust, but knowing that ANY site can do this to your machine is really annoying, and I don't think this is something overrated.

You can keep your apartment door open for a month if the lock is broken and if no burglar is around, that won't be a problem. But you can't say the needed security is overrated, you'd probably fix it right away without ever leaving the apartment even once.

This is the same, unless you reach a site that is exploiting the noted vulnerability, you won't feel any difference for sure...
 
I tried to DL this update earlier before leaving for work, it failed! This is the first time such an update has failed for me. I cannot remember the specific error... Has anyone else had this problem?

Thanks

RoBoC

PS: I run Leopard, latest version, fully updated other than java.
 
roboc99 said:
I tried to DL this update earlier before leaving for work, it failed! This is the first time such an update has failed for me. I cannot remember the specific error... Has anyone else had this problem?

Thanks

RoBoC

PS: I run Leopard, latest version, fully updated other than java.
Click to expand...

Did you close all web browsers before trying to install the update?
 
Why can't users install Sun's java kit? Is this prevented by Apple or Sun?

Patching would be much faster that way.
 
Seems to be some issues with this, wonder if I should install it I have Java disabled anyway.

Don't trust Java anymore!
 
To those who don't like re-starting: it's not *that* annoying to restart a computer from time to time, is it?

for the last couple of years I've done a safe boot after each update on all computers (laptops, desktops), and I swear by this. I have far fewer 'issues' than most I know who use computers. and it speeds up lots of things especially on older comuters (PPC). Safe-boot, repair permissions, restart. takes about 10 minutes. done while making a coffee.

in addition every time I make a backup with super-duper permissions are repaired, I do this about every 2 days. diskwarrior & main-menu once a month.

a little computer hygiene makes everything run very smoothly, I find.
just my 2cents.
have a good day
-S
 
Apple really needs to fix this...

There is a general perception in the Mac community that Apple is far more attuned to bug fixing and security patching than Microsoft. It's a somewhat annoying perception, because it's far from the reality.

Microsoft has a 2-3 week average response time (and usually a day or two for critical issues and ZDEs). Apple has allowed remotely exploitable flaws to go unfixed for up to 6 months in some cases.

I know fanboys live in another plain of existence. But any research at Secunia or Security Response will verify that Apple is by far the worst when it comes to dealing with security problems.

OS X is a very secure OS at it's core. But Apple's userspace apps are insecure as all hell, and Apple's continually horrible performance at Pwn2Own every year underscores this.

I use a Mac because it's quite simply the best desktop computer experience. Nothing touches it's elegance. But I am not, nor should anyone else be, under the impression that we are using a completely secure OS.

The truth is, ever since Windows XP SP2, Microsoft has had it's security sh*t together. And remote exploits in Windows today are far and few between.

Microsoft may have an inelegant OS, with a god-awful UI, the worst web browser ever made, and a ecosystem of shoddy drivers, but one thing they have done--and they should get credit for this--is get security issues locked down. Apple needs to follow suit.
 
Problem with Windows is that you could have 10 antivirus and antispyware programs installed and you would be more likely to have your computer taken over by a trojan, spyware, or virus than a Mac despite the slow turnaround of the Mac OS security updates. Also, no antivirus is going to help a user that installs a trojan whether on a Mac or Windows computer. The important thing to note is that due to the number of exploits out there that is much more likely to happen with Windows and once downloaded and opened there are less safeguards to prevent a trojan from taking over the computer with Windows (as most people turn off UAC). At least with Mac OS X you have the requirement of the admin password to install applications.
 
staccato83 said:
Just curious, how come I always see users so reluctant to restart their computer?
Click to expand...

Daphtdazz said:
Because everyone loves to brag about uptime. It's the only reason :p
Click to expand...

m85476585 said:
3. This isn't Windows, we shouldn't have to reboot all the time.
Click to expand...

Programs cached to memory or not, Mac and Windows systems need to be rebooted once in a while - particularly after software updates. Windows machines need to be rebooted more ... but not nearly as much as they have needed to be rebooted in the past.

iberroa said:
Is anyone else having problems launching LimeWire after the Update? My icon looks like it bounces once and then disappears. I tried to set my Java settings back to default and restart but nothing changed. :rolleyes:
Click to expand...

As a side note, every single Windows computer I have ever encountered with LimeWire installed was Trojan or Virus infected. Every single one. :eek: It would not surprise me if the Mac folks with LimeWire installed weren't also compromised by a trojan or two.
 
For those of you worried about such vulnerabilities and any future potential security exploits, Intego Virusbarrier (I believe I bought it from one of the offers on this very website) has been aware of the Java exploit for a while now.
It gives you the ability to quarantine or reveal the file in the finder for further inspection.
The Java exploit code that invokes the "say" command did not run and the applet was halted.

Virusbarrier is worth investing in, especially if you're worried about the time Apple take to sneak out the security updates past the Marketing guys...
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back