Apple Plugs Hole In OS X That Enabled Javascript Exploit

Another day, another issue with Java. In a world that is becoming increasingly fraught with privacy invasions and security breaches, Java has been a term that's been popping up in negative fashion of late. Now, Apple has shot out a new batch of security patches for OS X, one of which covers up a flaw that "allowed Java Web Start applications to run even when users had Java disabled in the browser." OS X 10.8.3 fixed a total of 21 issues in terms of security, and it also throws in a fresh edition of the malware removal tool for Apple rigs.


In an Apple advisory: "Visiting a maliciously crafted website could allow a Java Web Start application to be launched automatically even if the Java plug-in is disabled. Java Web Start applications would run even if the Java plug-in was disabled. This issue was addressed by removing JNLP files from the CoreTypes safe file type list, so the Web Start application will not be run unless the user opens it in the Downloads directory."

It's not so common for Apple to release a suite of patches for security issues, but Java has been a certain thorn in the company's side. If you haven't downloaded the latest OS X, be sure to do so; it'll allow enable Windows 8 support in Boot Camp.
Via:  ThreatPost
Tags:  Apple, security, Patch, Java
Comments
ZacharyJordan one year ago

I read the first 3 words and though http://www.reactionface.info/sites/default/files/images/1310650820313.jpg

erazmusnz one year ago

Is it a Java exploit or a Javascript exploit? They're not the same...

Post a Comment
or Register to comment