Following Oracle patch, Apple releases update to fix new Java ‘zero-day’ vulnerability

Following Oracle patch, Apple releases update to fix new Java ‘zero-day’ vulnerability

Earlier today, Oracle released an update to Java to address two separate vulnerabilities in Java. Now, Apple has released a patch for OS X 10.7 and later which fixes those issues and disables older versions of the plug-in.

The update brings Java SE 6 to 1.6.0_43 and disables plugins on machines that don’t have the latest version of Java. One of the flaws discovered by researchers and revealed last week was classified as a ‘zero day’ or unknown vulnerability that was already being exploited in the wild, so you should update your machine ASAP.

Screen Shot 2013-03-04 at 2.41.44 PM

But everything isn’t all clear yet. Even as Oracle shipped its patch earlier today, it was also informed of five new flaws in Java and it has said it is already investigating.

At this point, the safest thing you could do is to disable Java entirely on your system unless it’s absolutely necessary. Apple has consistently said that people remove the Java plugin or disable it if not in use and the US Department of Homeland Security recently recommended that people do the same. This update also follows on from a patch that fixed a vulnerability used to hack into Apple employees’ systems.

The patch is available via Software Update on your Mac.

Read next: The Pirate Bay may or may not have been invited to North Korea, but it's not being hosted there

Corona coverage

Read our daily coverage on how the tech industry is responding to the coronavirus and subscribe to our weekly newsletter Coronavirus in Context.

For tips and tricks on working remotely, check out our Growth Quarters articles here or follow us on Twitter.