Oracle Patches Java Zero-Day Vulnerability

| Product News

JavaOracle announced on Thursday the release of a security patch to address a zero-day exploit in the Java runtime that was uncovered earlier this week. The security patch also addresses two other less serious issues affecting Java.

The zero-day exploit allowed the bad guys to install executable software on target machines from maliciously-crafted webpages, a serious security breach.

The release is for the Java 1.7 runtime, which is installed on some Macs running OS X versions earlier than Lion. Starting with Lion, Apple removed Java from OS X, prompting users to download a session-specific Java runtime when needed. Apple joined the OpenJDK project in 2010, an open source project to maintain Java for the Mac.

If you want Java on your Mac or already have it, you can download the current version from Oracle’s Java site.

Sign Up for the Newsletter

Join the TMO Express Daily Newsletter to get the latest Mac headlines in your e-mail every weekday.

3 Comments

Nich

Thanks for the update notice!  One thing, the link in the article leads to…
http://java.com/en/
  which is a general splash page with no obvious download link.

If you change it to…
http://www.java.com/en/
  you end up on the actual download page.  Not sure, maybe it’s my browser? 
Thanks for the update tip though!  smile

Khaled

funny, “Chrome does not support Java 7. Java 7 runs only on 64-bit browsers and Chrome is a 32-bit browser.”

iJack

It’s odd that Apple won’t tell me via Software Update about Java updates like this, and that I have to rely on the good graces of TMO for that info.  And thank you, Bryan for the heads up.  The install went fine.

Did Apple think everyone was just going to dump their Java apps once they stopped supporting it?

Log-in to comment