Wednesday, February 20, 2013

Oracle Updates Java Again & Java Malware Strikes Apple Inc

Oracle released an update to Java today, its second Java update in February 2013.  The release updates Java 7 to Update 15, and Java 6 to Update 41.  According to Oracle's release notes, this Critical Patch Update has all of the fixes included in the February 1 update, plus five additional security fixes.  The February 1 Java update was released ahead of a scheduled February 2013 update, and the delivery of Java 7 Update 15 completes the planned Critical Patch Update for Java SE for February 2013.  Test your computer's Java plugin.

Since Java 6 has reached Oracle's End of Public Updates, auto update and manual update of Java 6 will replace Java 6 with Java 7.  Oracle states that they will not leave a version of Java installed on your system for which they no longer provide security updates.  As such, when you update from Java 6, the installer will install Java 7, and remove the highest version of Java 6 that is installed on your system.  If you still require Java 6 for certain applications other than ParaChat, you may download it manually from Oracle's web site.  ParaChat software is supported by all versions of Java, including Java 6 and Java 7.

Due to the threat posed by a successful attack, Oracle strongly recommends that you apply Critical Patch Update fixes as soon as possible.  Please see How Can I Be Certain That My Java Version Is Current?

Today, Reuters reported that employee Mac computers at Apple Inc had been attacked by hackers.  According to the report, some Apple employee computers were infected when they visited a site geared toward software developers.  Evidently, the site had been infected with malware that exploited a flaw in the current version of the Java plugin for web browsers, which subsequently infected the Apple employee computers.

Apple provided a Java update for Mac OS X 10.7 and 10.8 today.  In Apple's release notes, they state, "This release updates the Apple-provided system Java SE 6 to version 1.6.0_41 and is for OS X versions 10.7 or later.  This update uninstalls the Apple-provided Java applet plug-in from all web browsers. To use applets on a webpage, click on the region labeled "Missing plug-in" to go download the latest version of the Java applet plug-in from Oracle."

ParaChat recommends that you keep your Java plugin up to date with the latest Java update from Oracle.

No comments:

Post a Comment