Apple Plugs Hole In OS X That Enabled Javascript Exploit

rated by 0 users
This post has 2 Replies | 0 Followers

Top 10 Contributor
Posts 26,417
Points 1,193,030
Joined: Sep 2007
News Posted: Sat, Mar 16 2013 11:52 AM
Another day, another issue with Java. In a world that is becoming increasingly fraught with privacy invasions and security breaches, Java has been a term that's been popping up in negative fashion of late. Now, Apple has shot out a new batch of security patches for OS X, one of which covers up a flaw that "allowed Java Web Start applications to run even when users had Java disabled in the browser." OS X 10.8.3 fixed a total of 21 issues in terms of security, and it also throws in a fresh edition of the malware removal tool for Apple rigs.

In an Apple advisory: "Visiting a maliciously crafted website could allow a Java Web Start application to be launched automatically even if the Java plug-in is disabled. Java Web Start applications would run even if the Java plug-in was disabled. This issue was addressed by removing JNLP files from the CoreTypes safe file type list, so the Web Start application will not be run unless the user opens it in the Downloads directory."

It's not so common for Apple to release a suite of patches for security issues, but Java has been a certain thorn in the company's side. If you haven't downloaded the latest OS X, be sure to do so; it'll allow enable Windows 8 support in Boot Camp.
  • | Post Points: 35
Not Ranked
Posts 1
Points 5
Joined: Mar 2013

I read the first 3 words and though

  • | Post Points: 5
Not Ranked
Posts 20
Points 175
Joined: Jul 2011
ErazmusNZ replied on Sun, Mar 17 2013 7:10 PM

Is it a Java exploit or a Javascript exploit? They're not the same...

  • | Post Points: 5
Page 1 of 1 (3 items) | RSS