Apple updates Safari and Java 6 support
Apple has furnished its Safari web browser with a new security feature that allows Java applet loading permissions to be granted on a web-site-specific basis. The feature is included in Safari 6.0.4, which is being deployed as a software update for Lion and Mountain Lion users, and in Safari 5.1.9 for Snow Leopard, which is available for direct download (about 48MB) and via Apple's software update service.
The new feature will prompt Safari to ask users what to do with each newly encountered Java applet. A new setting allows users to permanently block or permanently allow applets, or trigger confirmation requests, on a web-site-specific basis. When "allowing" applets, users can either choose "always allow" or they can allow applets only if the installed version of Java contains no known critical security issues. Safari 6.0.4 also closes a security hole in WebKit which was used during this year's Pwn2Own security competition.
Apple has also released two new Java updates that correspond to Oracle's Java 7 Update 21. Java for Mac OS X 10.6 Update 15 (just under 70MB) updates Java SE 6 under Snow Leopard to version 1.6.0_45 and enables the previously mentioned security feature in Safari 5.1.9. Java for OS X 2013-003 is intended for Lion and Mountain Lion, where it also updates Java SE 6 to version 1.6.0_45. The Java updates close numerous security holes, including critical ones – and should, therefore, be installed as soon as possible. As usual, the latest version of Java 7 is provided by Oracle and can be downloaded from the Oracle Java SE Download pages.