May 19, 2010

Apple updates Java for security bugs

Apple on Tuesday released security updates for Java for Mac Leopard and Snow Leopard to close dozens of holes, the worst of which could lead to arbitrary code execution.

The update for Snow Leopard, Java for Mac OS X 10.6 Update 2, fixes 20 bugs, all of which could be exploited if a user is tricked into visiting a web page containing a maliciously crafted Java applet, Apple said. The vulnerabilities could lead to unexpected application termination or allow an attacker to execute arbitrary code with the privileges of the current user.

The update for Leopard, Mac OS X 10.5 Update 7, patches some 60 bugs, which could lead to the same problems, according to Mac security vendor Intego.

An advisory posted by the US-CERT encouraged users and administrators to apply the updates.

The updates are available at Apple's Support Downloads page.

Related Articles
Related Topics

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.