New Java zero-day covers all versions, could affect Macs
First the bad news: a rather serious zero-day exploit has been discovered in all currently-supported versions of Java. And yes, this sort of exploit can be used to hijack a machine. Now the good news: Apple stopped bundling Java back in 10.6, and this exploit is a proof-of-concept and has been submitted to Oracle, who should be working on a fix as we speak.
If you don't need Java, we don't recommend installing it on Lion or Mountain Lion machines. If you do use Java, always be sure to install the latest patches. Oracle is due to issue more patches in mid-October.
Bottom line: this exploit is NOT in the wild, has not been seen active on any machines, but exists as a flaw in Java. Unless someone independently discovers it and decides to actually exploit the flaw, you'll be fine -- and a patch should be coming soon.
Subscribe to Newsletter
Software Updatesmore updates
- Dropbox adds support for TouchID
- YouTube for iOS gets updated with full support for iPhone 6 and 6 Plus
- iOS 8.0.1 update now available (Updated -- Don't update!)
- NFL Mobile updated for 2014 Season with new Fantasy Football features, NFL Now integration
- Yahoo Mail improves email inbox searching with new filtering options
- Ember for Mac gains 'hugely-requested' screen recording feature