[NPMUG] Apple releases Java update addressing critical vulnerability - MacFixIt

Dave Sevick dave at davesevick.com
Mon Jun 15 19:35:51 MDT 2009 

  Existing users, log in.  New users, create a free account.  Lost  
password?

	
		
Advertise | Support | Contact Us


Advanced Search






			






What's Related
Links:
article
Java for Mac OS X 10.5 Upd...
http://support.apple.com/k...
Java for Mac OS X 10.4, Re...
http://support.apple.com/k...

Topic
Late-Breakers
Story Options
Mail Story to a Friend
  Late-Breakers
Monday, June 15 2009 @ 03:36 PM PDT
Apple releases Java update addressing critical vulnerability

Apple has released an update for Java which addresses the recently  
announced vulnerability that has apparently been a long-standing bug  
in Java for OS X. The bug allowed for code and applications to be run  
as the current user, which could be dangerous if you were logged in as  
an adminstrator.



We discussed the problem and workarounds in our past article on the  
issue, but the current updates from Apple should address it completely  
and prevent the vulnerability from running. After applying the update,  
we tested the problem with the proof-of-concept java applet that we  
referenced in our initial article on the issue, and the applet isnt  
working anymore which indicates the problem has been fixed.

The updates are available via Software Update, and also from Apple's  
downloads page for both Tiger and Leopard users:

Java for Mac OS X 10.5 Update 4
Information about this update can be found here: http://support.apple.com/kb/HT3581

Java for Mac OS X 10.4, Release 9
Information about this update can be found here: http://support.apple.com/kb/HT3593
The update does not require a restart, but will require you to quit  
your Web browser and relaunch it for changes to take effect.

While it's been a long time coming, we're glad Apple has tackled this  
problem. People who have disabled Java in their Web browsers can now  
re-enable it again after applying this update.




Apple releases Java update addressing critical vulnerability | 6  
comments | Create New Account
  or change display preferences
The following comments are owned by whoever posted them. This site is  
not responsible for what they say.
Apple releases Java update addressing critical vulnerability
Authored by: wwrobelhh on Monday, June 15 2009 @ 04:33 PM PDT
Do not install, it crashes my safari and mail.

Exception Type: EXC_BREAKPOINT (SIGTRAP)
Exception Codes: 0x0000000000000002, 0x0000000000000000
Crashed Thread: 0

Dyld Error Message:
Symbol not found: _GetSortedJVMVersions
Referenced from: /Users/wolf/Library/Internet Plug-Ins/ 
JavaPluginCocoa.bundle/Contents/MacOS/JavaPluginCocoa
Expected in: /System/Library/Frameworks/JavaVM.framework/Versions/A/ 
JavaVM

[ Reply to This ]

Apple releases Java update addressing critical vulnerability -  
Authored by: tkessler on Monday, June 15 2009 @ 04:39 PM PDT
Apple releases Java update addressing critical vulnerability -  
Authored by: wwrobelhh on Monday, June 15 2009 @ 04:57 PM PDT
Apple releases Java update addressing critical vulnerability -  
Authored by: tkessler on Monday, June 15 2009 @ 05:24 PM PDT
Apple releases Java update addressing critical vulnerability -  
Authored by: low747pfe_dotmac on Monday, June 15 2009 @ 04:54 PM PDT
Apple releases Java update addressing critical vulnerability
Authored by: johnallen on Monday, June 15 2009 @ 06:18 PM PDT
Using software update....I get the error "The update Java for OS X  
10.5 Update 4 can't be installed. The Installer could not validate the  
contents of the 'JavaForMacOS10.5.Update4' package. Contact the  
software manufacturer for assistance.
[ Reply to This ]


	



Problems with MacFixIt?
Contact support.

MacFixIt provides exclusive troubleshooting content, including  
renowned special reports on incremental and major Mac OS X releases, e- 
mail alerts for late breaking items and expert commentary from leading  
Mac authors. For access to all MacFixIt content, sign up for MacFixIt  
Pro.

Home | MacFixIt Pro | Forums | Reports | Archives | Mac Musings |  
Tutorials | Utilities | About MacFixIt | Send Feedback |
VersionTracker: Software Updates and Downloads | iPhone Atlas: iPhone  
Help, News, Tutorials, and Tips

Visit other CBS Interactive Sites

Popular on CBS sites: iPhone 3G | Fantasy Football | Video Game  
Reviews | Antivirus Software | Recipes | E3 2009

About CBS Interactive | Jobs | Advertise

© 2009 CBS Interactive Inc. All rights reserved. | Privacy Policy |  
Terms of Use


		



````````````````````````````
Dave Sevick Consulting
Apple Certified Support Professional 10.5
Apple User Group Ambassador
Apple Recycling in Pittsburgh
Helping people use technology in Pittsburgh
Western PA, WV, OH, MD ... Since 1988

724.779.0099 mobile/office
dave at davesevick.com
http://www.davesevick.com
````````````````````````````





-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://davesevick.com/pipermail/npmug/attachments/20090615/a592d907/attachment-0001.htm

More information about the NPMUG mailing list