Java patched again, Snow Leopard users blocked from older version (Updated)
Update: Apple's Java team has quickly responded to the patch with a revised JVM for Snow Leopard, OS X 10.6. The Java for Mac OS 10.6 Update version 12 (APPLE-SA-2013-02-01-1) is available in Software Update, according to an Apple security email. It updates Java to 1.6.0_39.
Another week, another Java exploit: Computerworld notes that Oracle has once again updated the Java VM for all platforms to fend off a prospective exploit. The update is technically the scheduled February critical updates release, but the delivery was pushed up.
Unfortunately, while Mac users on OS X 10.7 Lion and 10.8 Mountain Lion can upgrade their JVMs using Oracle's installer for Java 7, Snow Leopard (10.6.8) machines are out of luck. Oracle's Java 7 installer won't run, and as of yesterday Apple's supplied Java 6 is blocked by Apple's own XProtect malware shield -- it won't do applets in Safari or Firefox until it's patched.
There are some hacky workarounds for either disabling/modifying the XProtect manifest (not recommended) or getting Java 7 to install on 10.6.8 (also not recommended) -- but if you need to run Java in the browser on 10.6.8, there aren't many better options.
Speaking of recommendations, TJ's Reasonable Guide to Java security is a good resource for managing your risks with Oracle's runtime
Subscribe to Newsletter
Software Updatesmore updates
- Readdle rolls out PDF Expert 5: iCloud support, shared folder with Documents by Readdle
- FlightTrack 5: new look and features just in time for holiday travel
- HBO Go for iOS update adds Google Chromecast support
- Haiku Deck updates iPad app, launches web-based cloud version
- Weather Underground iPhone app gets crowdsourced weather, iOS 7 style
- Apple updates iMovie, adds support for older Macs