New Java zero-day covers all versions, could affect Macs
First the bad news: a rather serious zero-day exploit has been discovered in all currently-supported versions of Java. And yes, this sort of exploit can be used to hijack a machine. Now the good news: Apple stopped bundling Java back in 10.6, and this exploit is a proof-of-concept and has been submitted to Oracle, who should be working on a fix as we speak.
If you don't need Java, we don't recommend installing it on Lion or Mountain Lion machines. If you do use Java, always be sure to install the latest patches. Oracle is due to issue more patches in mid-October.
Bottom line: this exploit is NOT in the wild, has not been seen active on any machines, but exists as a flaw in Java. Unless someone independently discovers it and decides to actually exploit the flaw, you'll be fine -- and a patch should be coming soon.
Subscribe to Newsletter
Software Updatesmore updates
- Apple Remote Desktop updated with Yosemite support
- OS X Yosemite 10.10.2, iOS 8.1.3 updates now available
- Sports Illustrated 120 SPORTS channel comes to Apple TV
- Logic Pro X update brings AirDrop support, new effects, tools, and more
- Parallels Access 2.5 released, adds file manager, computer-to-computer remote access
- The Google Translate iOS app is about to get a lot smarter