Java for Mac OS X 10.5 Update 4, v1.0 is out!

[polaris20]

Thanks for the fast work, Apple!

Please tell me you're being sarcastic. They're about 6 months behind everyone else in getting this patched.

 

[polaris20]

These are not viruses, they are Trojans. Trojans require the user to actively install the malware on his or her system. The bottom line is that you shouldn't install software from an untrusted site.

This particular vulnerability would work just by visiting a site; no need to click on anything. So by typing in the wrong address on accident, it could have been a problem.

 

[pmjoe]

Nice! This fixes a number of small bugs (which Apple failed to list) that appeared in the previous update. Application specified Java Web Start icons in the dock are back. Apple has incorporated the newer suggested security dialogs. It (Java 6) even seems to be a little faster (but it could just be me closing out all my Safari and Firefox windows before install). I'll have to poke around to see what other improvements have been made, but for Java folks this was a needed update. Hmm ... looks like it incorporates the Java SE 6 update 10 improvements (some of which are performance related):

http://java.sun.com/developer/technicalArticles/javase/java6u10/


Very nice!!!

 

[iGary]

Won't install on my iMac at work.

"Cannot install update."

 

[JordanMacLover]

Did not work then did

First time I tried to download the update it gave me an error that it could not download. I restarted the program (not the computer) and it is downloading now I'll let you know how it goes. (unless I don't notice the difference!)

 

[Harmush]

i downloaded it first time on my unibody macboook but on my Alu Imac its failing all the time!!



EDIT:: Fixed this about ten seconds after I posted. If you actually do what it asks and close any web browsers it helps.

 

[KCMichaelB]

Oh man! No restart necessary. I went ahead and restarted anyway. Can't stand it when my uptime is more than 2 hours.

 

[benpatient]

I'm getting something I've never seen before:

Can't Install Update

with a red X.

I closed all browsers, as asked. WTF is this all about?

 

[RumMunkey]

Wirelessly posted (Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/530.17 (KHTML, like Gecko) Version/4.0 Safari/530.17)

A LOT of people are getting a failed install attempt at first. There was probably a bad file sent out, or a mass corruption or something.



Just re-run Software Update and let it pull down a new copy. That second copy should install fine.



This happened on both my MacBook Pro and my iMac. Failed first time, re-downloaded, installed fine.

 

[Jongewehr]

i noticed that you have to close "EVERYthing" that connects to the internet, like ichat or anything like that

 

[Eric S.]

I think you're missing the point. They (obstensibly) refute claims that Macs are immune to malware. The great unwashed out there doesn't differentiate between trojans, viruses etc.

Even the "great unwashed" should not believe that it's not possible to install something that will have bad effects.

Besides, if the user is running with admin priviledges will the trojan install without warning?

No.

This particular vulnerability would work just by visiting a site; no need to click on anything. So by typing in the wrong address on accident, it could have been a problem.

The trojan referred to in the earlier post had nothing to do with the Java issue Apple just fixed.

 

[turkay]

This update breaks Limewire.

 

[ChicagoApple82]

Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 2_2_1 like Mac OS X; en-us) AppleWebKit/525.18.1 (KHTML, like Gecko) Version/3.1.1 Mobile/5H11 Safari/525.20)

I did the update now my safari keeps crashing when I go to my bank's website or to Facebook for that matter. Anyone else have this issue and if so have you been able to fix it?

----

I went into user/Library/Internet Plug-Ins and deleted the java plug in. Then I re-downloaded Safari 4.0 and reinstalled it. After the restart I seem to be able to browse on any page... I'll update if something changes.

 

[Rainbird]

This update breaks the weather radar Ridge Animation (JAVA) in WX 5.34.

 

[randfee2]

at last,

it took them way too long for this! Apple really sucks when it comes to fixing truly critical bugs QUICKLY!

 

[asleitz]

Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 2_2_1 like Mac OS X; en-us) AppleWebKit/525.18.1 (KHTML, like Gecko) Version/3.1.1 Mobile/5H11 Safari/525.20)

I did the update now my safari keeps crashing when I go to my bank's website or to Facebook for that matter. Anyone else have this isue and if so have you been able to fix it?

I just have problems with my bank website now.

 

[DELLsFan]

This update breaks Limewire.

And this is a bad thing?

 

[turkay]

And this is a bad thing?

Well it differs from the point of your view.

Me as a music producer: Absolutely no!
Me as a music listener: Sure, yes.

 

[DELLsFan]

Well it differs from the point of your view.

Me as a music producer: Absolutely no!
Me as a music listener: Sure, yes.
Me as a Virus/Trojan distributor: Hell yes!

Fixed.

 

[Tumbleweed666]

True, i want to know why people don't want to update from 10.5.6 to 10.5.7? why jump to 10.5.8 and by that time it will be snowing?

In my case its because 10.5.7 will nuke my Buffalo drive :-(

 

[ratGT]

Mix it up!...

The update installed just fine on my MacBook Pro, without ANY sort of problems... AS USUAL!
And I want to underline 'AS USUAL', because on every update I note threads with complains for unsuccessful update-installations.
I'm pretty sure that in most cases one of the following things are happening:

1. Your downloaded update-file has been corrupted, due to ex. high server-load or unstable internet connection. In this case you can always download the update through Apple's site and install 'manually' ( http://www.apple.com/downloads/macosx/apple/ )
   
2. Third-party software installed by the user may be conflicting with the update-installation (ex. System extensions/ plugins, virtualization applications such as Parallels, java-based software, or anything that generally intercepts/modifies system sources. Uninstall/interrupt them and retry).

I've been using and servicing all kinds of Macs throughout these years and never EVER have I come across such conflicts when I have installed updates on 'clean' Macs...

Because everyone loves to brag about uptime. It's the only reason

This update is a shame, I enjoyed demonstrating the only known exploited exploit to my cocky mac friends, and the cocky windows ones for that matter too.

...As for my part, besides the uptime (running now 1,5 months straight) I have OVER 100 tabs and windows open! So, Quitting & re-opening Safari, takes some time for me (considering also my average internet-connection)

I noticed that too. I even downloaded the latest limewire and it still doesn't work. wierd

Is anyone else having problems launching LimeWire after the Update? My icon looks like it bounces once and then disappears. I tried to set my Java settings back to default and restart but nothing changed.

...Get FrostWire! Have stopped using LimeWire for the past 2 years!!! Heck, even try a cocktail of P2P applications, like Acqlite, Cabos, Acquisition (DON'T pay for it ), etc. but NOT LimeWire!

Why can't users install Sun's java kit? Is this prevented by Apple or Sun?

Patching would be much faster that way.

MS includes Java patches through their Windows Update, but they can also be downloaded separately from Sun's Java-site (like you stated)

Java patch-releases for Mac OS X are handled entirely by Apple's R&D department - In other words, they 'need' to make their own tweaks before anything is installed, in order to avoid conflicts with the rest of the 'eco-system'. Still, all this all this doesn't justify certain delayes...

There is a general perception in the Mac community that Apple is far more attuned to bug fixing and security patching than Microsoft. It's a somewhat annoying perception, because it's far from the reality.

Microsoft has a 2-3 week average response time (and usually a day or two for critical issues and ZDEs). Apple has allowed remotely exploitable flaws to go unfixed for up to 6 months in some cases.

I know fanboys live in another plain of existence. But any research at Secunia or Security Response will verify that Apple is by far the worst when it comes to dealing with security problems.

OS X is a very secure OS at it's core. But Apple's userspace apps are insecure as all hell, and Apple's continually horrible performance at Pwn2Own every year underscores this.

I use a Mac because it's quite simply the best desktop computer experience. Nothing touches it's elegance. But I am not, nor should anyone else be, under the impression that we are using a completely secure OS.

The truth is, ever since Windows XP SP2, Microsoft has had it's security sh*t together. And remote exploits in Windows today are far and few between.

Microsoft may have an inelegant OS, with a god-awful UI, the worst web browser ever made, and a ecosystem of shoddy drivers, but one thing they have done--and they should get credit for this--is get security issues locked down. Apple needs to follow suit.

Now, Apple has indeed 'delayed' some updates, but for most cases in the past, as soon as a vulnerability was discovered, we (the Mac users) always received an 'immediate' Software Update.
But, when it gets down to comparisons, PLEASE do NOT compare chocolate with sh*t, just because they have same 'color'! (especially with something like XP or Vista which are 'excuses' of an OS)
YOU ARE using a 'completely' secure OS, when keeping in mind that in order for something malicious to be installed to your system, 99.9% you HAVE to give the Administrative privileges (such as the ones that pop-up on certain installations). On the Windows side, anything malicious can be 'secretly' installed without you even knowing it or being 'asked' by the OS (anything from spyware, to malware, trojans, virus & rootkits), just by ex. opening a little 'innocent' Word file!...

 

[Winni]

MS includes Java patches through their Windows Update, but they can also be downloaded separately from Sun's Java-site (like you stated)

No, they don't. Microsoft has dropped the support for their own Java VM years ago, and they do not support Sun's VM. However, Sun's Java implementation for Windows can update itself if you allow it.

 

[ratGT]

That's right...

No, they don't. Microsoft has dropped the support for their own Java VM years ago, and they do not support Sun's VM. However, Sun's Java implementation for Windows can update itself if you allow it.

Yes, that's right. I had in mind that Java 'auto-updates' in Windows, but forgot Sun's little thingy 'poping-up' in the task bar, reminding you of updates (and believe you me, I REALLY want to forget all this hassle & 'rotten' situations that Windows-memories bring me). But that's smaller details, when all I want to do is make my point, and I think my point was made!

 

[HyperZboy]

Will this end all the SAFARI 4 Crashes?

Will this end all the SAFARI 4 Crashes?​

Between Flash content and Javascript errors, Safari 4, both beta and final have crashed nearly 100 times for me.

Anyone know if this will help?

God, I sure hope so.

 

[Don.Key]

This update seems to have limited amount of memory available to each JVM app. To something like 128mb

That breaks some apps which need more then that.

But how can I increase this? For the WebStart run apps, to be specific....