Mac OS X Users Vulnerable To Major Java Flaw 306
FruitWorm writes in with word of a vulnerability in Java that has been patched by everyone but Apple. "Security researchers say that Mac OS X users are vulnerable to a critical, 6-month-old, remote vulnerability in Java, a component that is enabled by default in Web browsers on this platform. Julien Tinnes notes that this vulnerability differs from typical Java security flaws in that it is 'a pure Java vulnerability' and doesn't involve any native code. It affected not only Sun's Java but other implementations such as OpenJDK, on multiple platforms, including Linux and Windows. 'This means you can write a 100% reliable exploit in pure Java. This exploit will work on all the platforms, all the architectures and all the browsers,' Julien wrote. This bug was demonstrated during the Pwn2own security challenge this year at CanSecWest, but the details were not made public at that time. Tinnes recommends that Mac OS X users disable Java in their browsers until Apple releases a security update."
Great interoperability (Score:5, Funny)
'This means you can write a 100% reliable exploit in pure Java. This exploit will work on all the platforms, all the architectures and all the browsers,'
And the Java critics said total platform independence was impossible!
Re:Great interoperability (Score:5, Funny)
Yay this is gonna be so much easier than trying to ship Wine with my viruses...
Re:To be expected (Score:2, Funny)
The (untrue) assumption that many people seem to hold that Macs are just invulnerable to anything bad happening has finally spread to Apple itself, and they're the last to patch this exploit. Since a lot of Mac advertising used to be based on "Macs don't get Viruses" you'd think they'd have been the first to patch this to maintain their reputation. Yes I know I'm probably going to get modded down immediately for saying this, but hell, it's the truth.
yes, you were correct about ONE thing,
Incorrect (Score:1, Funny)
As we know from that one Mac vs. PC commercial, Macs don't get viruses. And if something is invulnerable to viruses, it has no flaws of any kind. Implying that Macs have a Java flaw implies they can get infected, correct? Which means they can get viruses, which obviously cannot be true, if that Mac Genius, Megan commercial is correct.
Re:Great interoperability (Score:3, Funny)
Nonsense! For years Java apps have been producing platform-independent error messages on all platforms equally. Fortunately, the exploit will probably error out too!
Re:To be expected (Score:2, Funny)
Re:Great interoperability (Score:5, Funny)
Am I the only one who first read that headline as "Mac OS X Users Vulnerable To Major Lava Flow"?