Safari now lets users define the websites allowed to run Oracle's bug-plagued Java software in the browser's Preferences console. Unless Apple changes its mind on Snow Leopard, it will also issue patches the same day for that version of OS X as well as for Lion and Mountain Lion. The next scheduled Java security update is set for release by Oracle on June 18. Those messages, which were called confusing by U.K.-based security vendor Sophos, display small icons or badges that represent various risks. OS X Lion and Mountain Lion users running Java 7 will also see new messages that appear in their browser of choice when attempting to launch a Java applet. It was easily the biggest-ever security event on OS X, and a major embarrassment for Apple, which, in response, changed its Java patch cadence to match Oracle's. The new Safari tool may come in handy: Hackers have turned up the heat on Oracle in the past year, exploiting a succession of Java vulnerabilities, including several so-called "zero-day" bugs, or unpatched - and in some cases even unknown - flaws.Ī year ago, for instance, cybercriminals infected more than 600,000 Macs in the widespread "Flashback" malware campaign by exploiting a Java vulnerability that Oracle had fixed, but Apple had not. Users comfortable with changing security settings can now allow Java to run on trusted websites - an online banking site, for example - while blocking it from executing on other domains.Īpple has published a support document outlining how the new site-by-site Java permission manager operates. The browser now lets users closely manage Java permissions by selecting which sites can execute the software. Some experts anticipated IE10 fixes for the Pwn2Own flaws last week on April's Patch Tuesday, but Microsoft disappointed.Īlso Tuesday, Apple refreshed Safari 6 for OS X Lion and Mountain Lion, and Safari 5 for Snow Leopard to add a new security tool. French bug broker Vupen exploited Internet Explorer 10 (IE10) on Windows 8 at Pwn2Own. With Oracle's patches for Pwn2Own's Java vulnerabilities, only Microsoft has yet to close a hole uncovered at the challenge. Each researcher (or in one instance, a team of researchers) was awarded $20,000 by HP TippingPoint, which co-sponsored the challenge. Tuesday's update to Java included fixes for the four vulnerabilities exploited by researchers at last month's Pwn2Own hacking contest. The last public patches for Java 5, for example, shipped in November 2009, but Apple continued to issue Java 5 updates for OS X Leopard until June 2011, or 20 months later. Apple will probably have access to those only-for-corporate-customers patches and will use them to draft updates for its own users. Even after Oracle halts support for Java 6, it will still distribute patches to enterprises that have negotiated contract support plans. Oracle did not say how long it will continue to provide patches for Java 6 to Windows users, and thus how long Apple will be able to issue security updates to its customers still running Snow Leopard.īut Apple could do so for months to come. This problem is solved in newer releases.If Oracle and Apple had not continued to support Snow Leopard with Java patches, the percentage of unprotected Mac users would have jumped from the current 9% to a whopping 36%, or more than a third of the installed base. (Ref: "JRE with Database", Fri, 14:39:16 +0100, Guy Voets) Base, a Java-dependent part of OOo, apparently works on Leopard using OOo 2.4RC4. All other functionality of remains on Leopard.Īs of 2008-Mar-14, Open Office 2.4.x development versions do appear to recognize the Java Runtime Environment on Leopard successfully. This means that the Wizards, Base and some other things are unavailable in 2.3.1 or earlier. Please note that the Java features of are only available from 2.4 (more specifically, milestone m237) and later. As of 2008-Mar-14, the Mac OS X 10.4/5 download page says, Thus OpenOffice 2.3.x is not able to recognize the JRE on Leopard. However, Java is structured differently on Leopard than it was on Mac OS X 10.4 "Tiger". There is currently a Bug reported for those using OpenOffice 3.2.1 with OSXĪpple confidently tells you that "Every version of Mac OS X comes with Java out of the box." Specifically, Leopard comes with J2SE 5.0 preinstalled, based on JDK 1.5.0_13_b05. Where do I get a Java Runtime Environment (JRE) for Mac OS X 10.5 "Leopard"?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |