AfterDawn: Tech news

Apple blocks Java 7 plug-in in Mac OS X after exploit discovered

Written by Andre Yoskowitz (Google+) @ 12 Jan 2013 18:24 User comments (3)

Apple blocks Java 7 plug-in in Mac OS X after exploit discovered A huge security exploit was discovered for Java versions 4 through 7 earlier this week, prompting the U.S. Department of Homeland Security to recommend users block the browser plug-in until Oracle can patch it.
Instead of giving users the choice, Apple has gone the safe route, blocking the plug-in from within Mac OS X.

The vulnerability allows remote installation of malware such as keyloggers and software that could turn your PC into a zombie for a botnet.

"We are currently unaware of a practical solution to this problem," said Homeland Security's Computer Emergency Readiness Team (CERT). "This vulnerability is being attacked in the wild, and is reported to be incorporated into exploit kits. Exploit code for this vulnerability is also publicly available."

Apple was able to block the plug-in by updating its "Xprotect.plist" blacklist "to require a minimum of 1.7.0_10-b19 version of Java 7," which is set for release in a few weeks. All other versions fail the anti-malware checks of the OS.

Previous Next  

3 user comments

112.1.2013 19:38

Don't worry. Apple will protect you.

213.1.2013 0:50

I disabled it in my browsers and blocked it in my firewall but java is still useful for other offline tasks...glad MS isn't blocking it.



313.1.2013 22:29

Makes me wish a key software did not require Java to run in it's web access. Let's hope my other content filtering and firewall saves me from my users. I so wish I could have a no java life aside from my many morning cups of coffee.


"Have you tried turning it off and on again?" ~ Roy Trenneman

http://www.facebook.com/BlueLightningTechnicalServices

Comments have been disabled for this article.

Latest news

A bug in Chrome allows you to download Netflix movies A bug in Chrome allows you to download Netflix movies (25 Jun 2016 15:21)
A group of security researchers have found a vulnerability in Google's Chrome browser that allows downloading movies straight from Netflix. This is obviously not a feature especially the entertainment ....
7 user comments
Three out of four Netflix customers would rather cancel than watch ads Three out of four Netflix customers would rather cancel than watch ads (25 Jun 2016 14:05)
For a long time Netflix was adamant on its pricing. No changes were made for a long time and everything seemed to be good. The markets obviously reacted and more expensive deals and original ....
4 user comments
Apple Music left in the dust, Spotify at 100 million subscribers Apple Music left in the dust, Spotify at 100 million subscribers (25 Jun 2016 12:01)
Spotify has told The Telegraph that it has surpassed the 100 million mark in subscribers. Paying subscribers was earlier this year reported to have passed 30 million. Apple meanwhile is having ....
2 user comments
Rumor has it that Apple has cancelled iPhone's dual camera Rumor has it that Apple has cancelled iPhone's dual camera (18 Jun 2016 18:05)
The next iPhone will be a major upgrade to current iPhone 6s. This biyearly full upgrade cycle provides us with a bigger upgrade every two years. But how will Apple update its number one product, ....
6 user comments
OnePlus releases new flagship killer, smaller X discontinued OnePlus releases new "flagship killer", smaller X discontinued (18 Jun 2016 16:11)
The small Chinese smartphone maker OnePlus took the world by storm two years ago by releasing a super cheap flagship smartphone. They called it the flagship killer, and it indeed challenged ....
4 user comments

News archive