Apple Pushes Fixes for 11 Java Vulnerabilities in Mac OS X
Apple has pushed out the fixes for the Java remote code vulnerabilities Oracle patched earlier this month, including a serious flaw that allowed Java applet code to escape from the sandbox and run as if it were a local, trusted program.
Apple pushed out a Mac OS X update patching 11 Java vulnerabilities. Oracle fixed these bugs 20 days ago.
The Java for Mac OS X update fixed various vulnerabilities in Mac OS X, Apple said in its knowledgebase article June 28. The update addresses the long list of Java vulnerabilities Oracle patched for all other systems as Java SE 6 1.6.0_26 on June 8.
The Mac update patched several remotely exploitable vulnerabilities that can be triggered while browsing to launch drive-by attacks. In this particular attack, cyber-criminals can trick browsers and PDF readers into downloading and running malicious code without notifying the user or popping up any warning messages. The most "serious" vulnerability addressed in this update allowed Java applet code to escape from the sandbox and run as if it were a local, trusted program with the privileges of the current user, Apple said.
"That's never supposed to happen, and it's always bad," Paul Ducklin, head of technology at Sophos, wrote on the NakedSecurity blog.
The Role of Standards in Cloud Security
Security is often cited as a primary cause for concern...Watch Now
Ensuring Resources for Mission Critical Workloads
Application workloads can thrive in cloud environments,...Watch Now
Improving Security in the Public Cloud
One of the main concerns about moving data to a public...Watch Now