Java patched again, Snow Leopard users blocked from older version (Updated)
Update: Apple's Java team has quickly responded to the patch with a revised JVM for Snow Leopard, OS X 10.6. The Java for Mac OS 10.6 Update version 12 (APPLE-SA-2013-02-01-1) is available in Software Update, according to an Apple security email. It updates Java to 1.6.0_39.
Another week, another Java exploit: Computerworld notes that Oracle has once again updated the Java VM for all platforms to fend off a prospective exploit. The update is technically the scheduled February critical updates release, but the delivery was pushed up.
Unfortunately, while Mac users on OS X 10.7 Lion and 10.8 Mountain Lion can upgrade their JVMs using Oracle's installer for Java 7, Snow Leopard (10.6.8) machines are out of luck. Oracle's Java 7 installer won't run, and as of yesterday Apple's supplied Java 6 is blocked by Apple's own XProtect malware shield -- it won't do applets in Safari or Firefox until it's patched.
There are some hacky workarounds for either disabling/modifying the XProtect manifest (not recommended) or getting Java 7 to install on 10.6.8 (also not recommended) -- but if you need to run Java in the browser on 10.6.8, there aren't many better options.
Speaking of recommendations, TJ's Reasonable Guide to Java security is a good resource for managing your risks with Oracle's runtime
Deals of the Daymore deals
Software Updatesmore updates
- Evernote introduces reminders to Mac, iOS apps
- Poser 10 and Poser Pro 2014 available, bringing new characters, physics and more
- Agile Partners releases Lick of the Day 2.0
- Google announces new Hangout app to hit iOS today
- Microsoft Office for Mac 2011 Update 14.3.4
- Pixelmator 2.2 available with over 100 new features and improvements