Apple Updates Java for Leopard, Snow Leopard

· by · Product News

Apple updated Java for both Leopard (Mac OS X 10.5.8) and Snow Leopard (Mac OS X 10.6.6) on Tuesday, including the server versions of both OSes. Java for Mac OS X 10.6 Update 4 and Java for Mac OS X 10.5 Update 9 are both security updates for the technology.

Accordingly, the patch notes are somewhat…dry. To wit:

Java for Mac OS X 10.6 Update 4

Java
Available for: Mac OS X v10.6.6, Mac OS X Server v10.6.6
Impact: Multiple vulnerabilities in Java 1.6.0_22
Description: Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at http://java.sun.com/javase/6/webnotes/ReleaseNotes.html
CVE-ID
CVE-2010-4422
CVE-2010-4447
CVE-2010-4448
CVE-2010-4450
CVE-2010-4454
CVE-2010-4462
CVE-2010-4463
CVE-2010-4465
CVE-2010-4467
CVE-2010-4468
CVE-2010-4469
CVE-2010-4470
CVE-2010-4471
CVE-2010-4472
CVE-2010-4473
CVE-2010-4476

For Java for Mac OS X 10.5 Update 9:

Java
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Multiple vulnerabilities in Java 1.6.0_22
Description: Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at http://java.sun.com/javase/6/webnotes/ReleaseNotes.html.
CVE-ID
CVE-2010-4422
CVE-2010-4447
CVE-2010-4448
CVE-2010-4450
CVE-2010-4454
CVE-2010-4462
CVE-2010-4463
CVE-2010-4465
CVE-2010-4467
CVE-2010-4468
CVE-2010-4469
CVE-2010-4470
CVE-2010-4471
CVE-2010-4472
CVE-2010-4473
CVE-2010-4476

Java
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Multiple vulnerabilities in Java 1.5.0_26
Description: Multiple vulnerabilities exist in Java 1.5.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.5.0_28. Further information is available via the Java website at http://www.oracle.com/technetwork/java/javase/documentation/overview-137139.html.CVE-ID
CVE-2010-4447
CVE-2010-4448
CVE-2010-4450
CVE-2010-4454
CVE-2010-4462
CVE-2010-4465
CVE-2010-4468
CVE-2010-4469
CVE-2010-4471
CVE-2010-4473
CVE-2010-4476

You can download the update for your Mac through Software Updare. For Snow Leopard, it’s a 78.2MB download.

Bryan Chaffin

Bryan Chaffin

Bryan is the cofounder of The Mac Observer and currently serves as Afternoon Editor. He has contributed to MacAddict and MacFormat magazines, and coauthored Incredible iPad Apps for Dummies with Bob "Dr. Mac" LeVitus.

You can find out more about Bryan at his personal site, GeekTells, or follow him on Twitter @TMOBryan.

Sign Up for the Newsletter

Enter a valid email address

Join the TMO Express Daily Newsletter to get the latest Mac headlines in your e-mail every weekday.

Adding to list…

No Comments

Add your comment

Remember my personal information

Notify me of follow-up comments?