Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Security Bug Businesses Java Programming Apple

Apple Finally Patches Java Vulnerability 177

Posted by kdawson from the gentlemen-restart-your-sandboxes dept.
macs4all writes "Apple has finally addressed the Java vulnerability that nearly everyone else patched months ago. Available now for OS X 10.4 and 10.5, and through Apple's Software Update service, this update patches a flaw in the Java Virtual Machine that could potentially allow a malicious Java applet to execute arbitrary code on the machine. Apple had previously advised users to turn off Java temporarily in their Web browsers."
This discussion has been archived. No new comments can be posted.

Apple Finally Patches Java Vulnerability More

Apple Finally Patches Java Vulnerability

Comments Filter:

  • What about PPC Java? (Score:3, Interesting)

    by BikeHelmet ( 1437881 ) on Monday June 15, 2009 @08:42PM (#28342835) Journal

    Just wondering. PPC Java for OSX is even more out of date than x86 Java.

    The latest java on PPC is 1.5, and I'm sure it's out of date too...

  • Re:Old versions. (Score:0, Interesting)

    by Anonymous Coward on Monday June 15, 2009 @08:45PM (#28342867)

    complain that his OS X 10.1 machine from 19-dickity-6 doesn't have a patch out yet, so Apple sucks.

    Whatever fanboi. How about 10.3 machines that were being sold in many retailers towards the end of 2005.

    Four years support for security fixes is pathetic. Apple haven't learnt any lessons.

  • Re:maybe (Score:1, Interesting)

    by acidblue ( 716452 ) on Monday June 15, 2009 @09:11PM (#28343039) Homepage
    Actually, the vulnerability allowed the applet run any arbitrary process (using the user's privileges). It was/is a scary issue. I am an Apple apologist and a highly paid developer who specializes in Java. So, this vulnerability was a real "salt on the wound" issue for me. I am glad it's fixed. But, I am still very unhappy with Apple's low-rent support for the Java platform.

  • Re:Old versions. (Score:3, Interesting)

    by jonwil ( 467024 ) on Monday June 15, 2009 @10:06PM (#28343415)

    Maybe its time for Sun (who DO control Java) to tell Apple to change its ways (and give control of Java on the Mac to Sun so that Sun can fix stuff without having to wait for Apple).
    Its not like Sun needs Apple in order to produce Java for the Mac.

    Or is this like the graphics drivers where only Apple has access to the "secret bits" necessary for a JVM to do all the things that the current Mac JVM does?
    How hard would it be to just port OpenJDK/IceTea/whatever to Mac and be done with it?

  • Re:SAD :( (Score:1, Interesting)

    by Anonymous Coward on Monday June 15, 2009 @11:11PM (#28343825)
    Simply being the target for virus writers doesn't mean what you think it does. If you're going to write a virus that will hit 94% (microsoft marketshare back then) of systems, or 4% of systems (mac market share), which will you pick?

    Microsoft has a similar numbers game and is used more often for high value uses. Who wants to write a virus that will steal video clips or artwork? Who wants to write a virus that will steal ssn's en masse?

    How many macs handle SSN's en masse? Its a return on investment. Until businesses start doing heavy lifting with macs, they won't be a target. That being said, let me quote myself:

    If you look at the yearly exploit conferences, OS X doesn't fare much better than Windows

    Number of viruses is not caused primarily by insecurity. Its a correlation relationship, not a causation one. There are quite a few linux malware programs, but you don't hear people arguing that mac os x is more or less secure than linux. Its because linux presents a juicier target (always on servers that handle database heavy lifting.)

  • Re:maybe (Score:5, Interesting)

    by jackspenn ( 682188 ) on Monday June 15, 2009 @11:13PM (#28343855)

    As a Mac owner I am glad, for whatever reason, viruses are of no concern to me.

    ...

    But at home I get to relax, and ignore the issue completely.

    Until the day you can't. I am sorry, but you make me want to troll the net for the next security issue that is resolved in Linux and/or Windows, but Apple drags their feet on (again). Then I can use it to F with people like you. Your confidence comes from your ignorance.

    Here is the sad truth, Both the Linux/BSD communities and Microsoft take security more seriously than Apple.

    Apply repeatedly leaves a lot of holes open longer then they should be. I am thinking iTunes may present a nice target vector, but there have been so many in the past and I am sure there will be more in the future.

    I can see the HP/MS commercial now during the Superbowl next year:

    PC - "Hi, I'm a PC"
    MAC - "and I'm .... full of crap."
    PC - "Oh, MAC. While your designers were working to change your outsides from white to aluminum they didn't have time to patch the latest security threats to your OS."
    MAC - "All my music, all my pictures and all my home movies, gone, the worm even reformated my Time Machine drive and replaced restore points with pointers to an image of a piece of shit and a burning NEXT cube."
    PC - "Well, MAC, you like to talk a big game, but you are not good at playing the big game. So let everyone go back to those who can; first with the guys in Superbowl 44 and then with Windows 7 on their next laptop."

  • Re:SAD :( (Score:1, Interesting)

    by Anonymous Coward on Tuesday June 16, 2009 @03:30AM (#28345137)

    Dear Steve,
    Let Sun handle the porting.
    Let Sun handle the porting.
    Let Sun handle the porting.
    Let Sun handle the porting.
    Let Sun handle the porting.

    Love,
    Disgruntled Mac Java Users/Devs

Slashdot Top Deals

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (5) All right, who's the wiseguy who stuck this trigraph stuff in here?

Close