Apple Releases Same-Day Java Update for Snow Leopard, Lion

| Product News

Apple released Java updates for Lion and Snow Leopard Tuesday—notably, the updates were released the same day that Oracle patched the software, as noted by Krebs on Security. All told, Apple patched 11 security flaws in the updates out of 14 patched by Oracle.

Java for Mac

It’s not known whether the other three security flaws exist in the Mac version of the software, but it’s a significant step forward for Apple to release a Java update the same day as Oracle. The company has been heavily criticized for waiting days, weeks, and sometimes months to roll out security patches like these, and that seeming lackadaisical attitude was blamed as allowing exploits such as the Flashback malware to spread unnecessarily.

In the meanwhile, we offer the patch notes for Java for Mac OS X 10.6 Update 9, which is for Snow Leopard:

Java for Mac OS X 10.6 Update 9 delivers improved security, reliability, and compatibility by updating Java SE 6 to 1.6.0_33.

This update configures web browsers to not automatically run Java applets. Java applets may be re-enabled by clicking the region labeled “Inactive plug-in” on a web page. If no applets have been run for an extended period of time, the Java web plug-in will deactivate.

Apple is currently listing Java for OS X Lion 2012-004 on its downloads site, but that link currently resolves to April’s Java for OS X Lion 2012-003. Until that little snafu gets fixed, you can download the 2012-004 directly from Apple’s Downloads site.

The one-line description on the Downloads list says simply:

Java for OS X 2012-004 delivers improved security, reliability, and compatibility by updating Java SE 6 to 1.6.0_33.

In both cases, the updates prevent Java applets from automatically running in your browser. Users will be able to reactivate automatic execution in the preferences, but the default option will be non-automatic execution.

Java for Mac OS X 10.6 Update 9 is a 76.34MB update from Apple’s Support site.

Java for OS X Lion 2012-004 is a 64.07MB download.

Sign Up for the Newsletter

Join the TMO Express Daily Newsletter to get the latest Mac headlines in your e-mail every weekday.

Comments

Lee Dronick

Great graphic Bryan! Apple steam.

jbruni

Bryan, the patch for Lion is actually 2012-004, which also takes you to 1.6.0_33. 2012-003 is from a couple months ago. Here is the link:

http://support.apple.com/kb/DL1515

Bryan Chaffin

Lookit there, jbruni! Thanks for catching that. As noted in the corrected article, the Downloads link resolves to the 003 update, and I grabbed the verbiage from there without noticing.

The links and information above are now correct.

Thanks again!

jbruni

The link from Apple’s page was wrong until you refresh your browser’s cache. Then it becomes correct.

Log-in to comment