Apple releases Java security updates
Apple has released Java updates for versions 10.5 and 10.6 of Mac OS X, patching a number of security holes and bringing its two latest versions of OS X up to date. The updates include Java 6 Update 22 from earlier this month, which patched several critical security vulnerabilities that affected Java and improved its overall reliability.
Update 3 for Mac OS X 10.6 addresses a total of four security issues, while Update 8 for Mac OS X 10.5 fixes six vulnerabilities across both the standard and server editions of the operating system. According to Apple, many of the issues addressed in the updates can lead to application termination or the execution of arbitrary code on a victim's system. The company also notes that, for Mac OS X 10.5 systems, Java 1.4.2 is no longer being updated and is disabled by default in the update. Java for Mac OS X 10.6 Update 3 requires version 10.6.4 or later and Java for Mac OS X 10.5 Update 8 requires 10.5.8 or later.
More details about the updates, including a full list of closed vulnerabilities, can be found in Apple's security advisories. The updates are available via Apple's built-in Software Update service. Alternatively, Java for Mac OS X 10.5 Update 8 and Java for Mac OS X 10.6 Update 3 are available to download from Apple's web site. All users are advised to update as soon as possible.
- About the security content of Java for Mac OS X 10.6 Update 3, security advisory from Apple.
- About the security content of Java for Mac OS X 10.5 Update 8, security advisory from Apple.
- Patch for Mac OS X file sharing, a report from The H.
- Apple closes back door in QuickTime 7, a report from The H.