Stay updated on the latest news from
the makers of Nexus
Apple Patches Java 6 For OS X Snow Leopard, Lion
by Ali Loney on September 05, 2012

Tags: component vulnerabilities, AppSec Spotlight

Computerworld – (International) Apple patches Java 6 for OS X Snow Leopard, Lion. September 5, Apple issued a Java update for OS X Lion and Snow Leopard to make it more difficult for hackers to exploit vulnerabilities. The update brought Java 6 up to par with Oracle’s version 35, which it released August 30. Oracle’s so-called ―out-of-band, or emergency patch, fixed three bugs in Java 7 that hackers already began exploiting, and made one change to Java 6. ―[The latter] represents a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited, Oracle said in its advisory of a week ago. Apple was required to provide the defense-in-depth update because it still maintains Java 6, which it bundled with 2009’s OS X Snow Leopard and offered to users running 2011’s Lion as an optional download when they encountered a Java applet on the Web. However, Apple is not responsible for Java 7; the company handed back control of the software to Oracle in 2010. The OS X patches for the three Java 7 flaws, then, were produced by Oracle and shipped the week of August 27 alongside the fixes for the Windows version of Java 7.


Recent Posts

Posts by Topic

see all

Get Blog Updates