Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Critical Java Vulnerability for Mac OS X Users

DZone's Guide to

Critical Java Vulnerability for Mac OS X Users

· Java Zone
Free Resource

Learn how to troubleshoot and diagnose some of the most common performance issues in Java today. Brought to you in partnership with AppDynamics.

Intego Security has reported a critical flaw in the version of Java shipped with Mac OSX. The flaw allows local code on the user's Mac to be executed remotely, typically from malicious applets.

Apple has been aware of this vulnerability for at least five months, since it was made public, but has neglected to issue a security update to protect against this issue. Security researcher Landon Fuller has published, on his web site, a proof-of-concept Java applet that exploits this vulnerability to demonstrate how easy it is to run code remotely.

For now it seems like the best way to protect against the exploit is to switch off Java on your browser. In Safari, choose Safari > Preferences, click the Security tab, and uncheck Enable Java if it is checked. It is safe to leave Enable JavaScript activated, since this vulnerability only affects Java applets.  Soylatte users do have the option to upgrade to an OpenJDK6 release.

Intego

While no applets the exploit this vulnerability have been found yet, it will only be a matter of time given the publicity generated around the web about the flaw. Full details on the flaw are here.

Understand the needs and benefits around implementing the right monitoring solution for a growing containerized market. Brought to you in partnership with AppDynamics.

Topics:

Published at DZone with permission of James Sugrue, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}