Apple tries again with new OS X Lion, Snow Leopard Java updates
Has there been a FlashBack trojan resurgence? Apple has issued fresh Java updates for both OS X Lion and Snow Leopard, covering a long list of Java-flavored security issues including the nasty “arbitrary code execution” kind.
However, MacFixIt reports that Apple’s patch follows a Java security patch from Oracle itself by a matter of hours.
This update configures web browsers to not automatically run Java applets. Java applets may be re-enabled by clicking the region labeled “Inactive plug-in” on a web page. If no applets have been run for an extended period of time, the Java web plug-in will deactivate.
And, we have read that bit before. And, here are Apple’s much more timely, this time around, updates:
So, good news, Apple’s paying proper attention to Java security issues and has provided a patch hot on the heels of Oracle’s. Previously, Cupertino allowed FlashBack over two months to spread and grow into a 600,000-plus Mac botnet before offering a patch and removal tool.
An ounce of prevention, hmm?