Apple Plugs Hole In OS X That Enabled Javascript Exploit

Apple Plugs Hole In OS X That Enabled Javascript Exploit

Another day, another issue with Java. In a world that is becoming increasingly fraught with privacy invasions and security breaches, Java has been a term that's been popping up in negative fashion of late. Now, Apple has shot out a new batch of security patches for OS X, one of which covers up a flaw that "allowed Java Web Start applications to run even when users had Java disabled in the browser." OS X 10.8.3 fixed a total of 21 issues in terms of security, and it also throws in a fresh edition of the malware removal tool for Apple rigs.


In an Apple advisory: "Visiting a maliciously crafted website could allow a Java Web Start application to be launched automatically even if the Java plug-in is disabled. Java Web Start applications would run even if the Java plug-in was disabled. This issue was addressed by removing JNLP files from the CoreTypes safe file type list, so the Web Start application will not be run unless the user opens it in the Downloads directory."

It's not so common for Apple to release a suite of patches for security issues, but Java has been a certain thorn in the company's side. If you haven't downloaded the latest OS X, be sure to do so; it'll allow enable Windows 8 support in Boot Camp.
0
+ -

I read the first 3 words and though http://www.reactionface.info/sites/default/files/images/1310650820313.jpg

0
+ -

Is it a Java exploit or a Javascript exploit? They're not the same...

Login or Register to Comment
Post a Comment
Username:   Password: