Posted by: David Harley | February 20, 2013

Apple sails away from Java (plug-ins)

[Update: you may find Lysa Myers’ article speculative article What We Know About Apple’s Malware Breach of interest. Well, I did.]

John Leyden reports in The Register that: Apple FINALLY fills gaping Java hole that pwned its own devs

Apple has belatedly patched a security hole in the Java engine it ships with Mac OS X – the very hole exploited by hackers to infect Apple’s own developers, their counterparts at Facebook and scores of other Mac-using companies.

Paul Ducklin remarks for Sophos that:

It’s telling, perhaps, that Apple, with this most recent update, seems to have washed its hands permanently of browser-based Java.

The update is for OS X 10.7 or later (10.6 has already been updated). Apple says:

This update uninstalls the Apple-provided Java applet plug-in from all web browsers….[and]….also removes the Java Preferences application, which is no longer required to configure applet settings.

Mac Virus/Small Blue-Green World/Anti-Malware Testing
ESET Senior Research Fellow


  1. Reblogged this on Khürt/blog (

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.


%d bloggers like this: