It’s not a good month for Java. Last week, Mozilla advised Firefox users to disable Java, citing security concerns. Today it became known that Apple has a fresh patch for Java that covers several security holes.
The issue that Mozilla warned over was present in Java 7. The problems that Apple is today patching deals with Java 6, which shipped with OS X 10.6.
According to Krebs on Security, a working exploit is already out that takes advantage of one of the security issues. This is hardly surprising: a serious flaw in Java was the cause of the Flashback Trojan disaster earlier this summer. At the peak of that infection wave, hundreds of thousands of Mac machines were compromised.
Krebs, noting the total pain that Java has caused, and is continuing to dole out, has a simple tip: uninstall Java, and if you need it later, you can simply re-install it. Apple no longer serves Java with its operating system, but users of OS X can install it manually, naturally.
If you want to keep Java, you can snag the security update here, from Apple’s website. From its notes, the patch “configures web browsers to not automatically run Java applets.” Users can activate Java by clicking on areas where Java-enabled content would appear, if loaded properly.
The best part: “If no applets have been run for an extended period of time, the Java web plug-in will deactivate.” Apple, it seems, is utterly over Java.
Top Image Credit: davidd