Apple OS X Java Woes

Blog Post created by mjc on May 10, 2012

okay_meme.pngOracle recently announced that they would provide stand alone updates in the future for Java Runtime Environment for Mac users. Many people including myself were excited when we heard the news, but..... so far this hasn't happened. Mac OS X users including yours truly are once again behind Oracle's recommended version.


Apple last patched Java on OS X when they released Java 6 Update 31 on April 3rd, which had critical bug fixes on related to Flashback malware. Oracle then released Java 6 Update 32 and Java 7 Update 4 on April 26th which means that Apple users were only current for three weeks at the most. The good news is that Java 6 Update 31 is the current Security Baseline, this means Mac users are up to the same security standard as the new release.


The bad news is that this shows how broken Java updates are on Mac OS X. No one knows when it will get fixed. Mac users can pray that Oracle is indeed providing the patches ASAP because the next Java updates will more than likely contain security related updates.


Mac users can relax now if they are patched up to Java 6 Update 31, but this is a crazy situation that needs to be address as soon as possible.


You can visit http://www.isjavaexploitable.com to see if your plugin is exploitable.


If you have any questions on Apple related security, leave them in the comments.