Apple blocks Java 7 plug-in in Mac OS X after exploit discovered

Apple blocks Java 7 plug-in in Mac OS X after exploit discovered
A huge security exploit was discovered for Java versions 4 through 7 earlier this week, prompting the U.S. Department of Homeland Security to recommend users block the browser plug-in until Oracle can patch it.

Instead of giving users the choice, Apple has gone the safe route, blocking the plug-in from within Mac OS X.

The vulnerability allows remote installation of malware such as keyloggers and software that could turn your PC into a zombie for a botnet.

"We are currently unaware of a practical solution to this problem," said Homeland Security's Computer Emergency Readiness Team (CERT). "This vulnerability is being attacked in the wild, and is reported to be incorporated into exploit kits. Exploit code for this vulnerability is also publicly available."

Apple was able to block the plug-in by updating its "Xprotect.plist" blacklist "to require a minimum of 1.7.0_10-b19 version of Java 7," which is set for release in a few weeks. All other versions fail the anti-malware checks of the OS.

Written by: Andre Yoskowitz @ 12 Jan 2013 18:24
Apple Browser Oracle java 7 plug-in security exploit
Advertisement - News comments available below the ad
  • Azuran

    Don't worry. Apple will protect you.

    12.1.2013 19:38 #1

  • KillerBug

    I disabled it in my browsers and blocked it in my firewall but java is still useful for other offline tasks...glad MS isn't blocking it.

    13.1.2013 00:50 #2

  • bobiroc

    Makes me wish a key software did not require Java to run in it's web access. Let's hope my other content filtering and firewall saves me from my users. I so wish I could have a no java life aside from my many morning cups of coffee.

    AMD Phenom II 965 @ 3.67Ghz, 8GB DDR3, ATI Radeon 5770HD, 256GB OCZ Vertex 4, 2TB Additional HDD, Windows 7 Ultimate.

    13.1.2013 22:29 #3

© 2022 AfterDawn Oy

Hosted by
Powered by UpCloud