Apple Patches Java Bugs
patch Java OS operating systems
Altogether Apple repaired a total of 27 bugs for Leopard Mac OS X 10.5 and 23 for Tiger Mac OS X 10.4. Two of the vulnerabilities specific to Leopard were considered critical, allowing hackers to launch malicious code on an affected system via a specially crafted Java applet. An attacker would likely execute arbitrary code by tricking a victim into viewing a malicious Web site.
The Mac-specific fixes address both of the critical errors through better handling. Additionally, the update addresses numerous other glitches, including Java 1.4.2_16, Java 1.5.0_13 and Java 1.6.0_05, which open the door for attackers to execute malicious code, alter information or enable them to obtain elevated access privileges.
In the past, Apple has received criticism from users and industry experts alike for being slow to plug looming security holes. The Apple security fixes came months after Java's developer Sun Microsystems fixed many of the same errors for Microsoft Windows and other operating systems in April. However, Apple is responsible for maintenance and patch management of its own version of Java.
The Java patch is available to users through Apple's regular Software Update as well as on its Web site under "Downloads." Security experts advise users to update their systems as soon as possible in order to avoid exploitation.