Patch/Configuration Management, Vulnerability Management

Apple updates Java for security bugs

Apple on Tuesday released security updates for Java for Mac Leopard and Snow Leopard to close dozens of holes, the worst of which could lead to arbitrary code execution.

The update for Snow Leopard, Java for Mac OS X 10.6 Update 2, fixes 20 bugs, all of which could be exploited if a user is tricked into visiting a web page containing a maliciously crafted Java applet, Apple said. The vulnerabilities could lead to unexpected application termination or allow an attacker to execute arbitrary code with the privileges of the current user.

The update for Leopard, Mac OS X 10.5 Update 7, patches some 60 bugs, which could lead to the same problems, according to Mac security vendor Intego.

An advisory posted by the US-CERT encouraged users and administrators to apply the updates.

The updates are available at Apple's Support Downloads page.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.