Home » Mac, Security

Mac Security: Java for OS X, Flash, Evernote Updates [u]

5 March 2013 1,153 views 2 Comments

Have a Mac running OS X Lion v10.7 or later with Java installed? You need to update. And, wow, what a weekend for Mac security! More updates!

Have a Mac running OS X Lion v10.7 or later with Java installed? Then you need to fire up the Mac App Store (a.k.a. Software Update) and get this Java for OS X Update. And, wow, what a weekend for Mac security! Evernote and Flash hacks made the rounds, meaning even more security-centric updates for the rest of us.

Java for OS X 2013-002, download
— Java for OS X 2013-002 delivers improved security, reliability, and compatibility by updating Java SE 6 to 1.6.0_43.
— See also: Java for Mac OS X 10.6 Update 14

And, there’s this bit of boilerplate Apple’s been including with recent Java for Mac updates:

On systems that have not already installed Java for OS X 2012-006, this update disables the Java SE 6 applet plug-in. To use applets on a web page, click on the region labeled “Missing plug-in” to download the latest version of the Java applet plug-in from Oracle.

Apple has posted detailed update notes, but the details are exactly the same as those provided above — thanks for that. Likewise, the mothership hasn’t yet listed the security content of the Java for OS X 2013-002 Update — we’re welcome, we’re sure.

Capping it all is Oracle’s Security Alert for CVE-2013-1493, a remotely exploitable vulnerability. There is, however, a patch available.

Needless to say, Java users need to apply both the Apple and Oracle’s patches.

An Eventful Weekend

Just in case you missed the Mac Security fun this weekend, Apple pushed a Xprotect update that blocked older versions of Adode Flash due to the appearance of an active, in-the-wild exploit. Get the latest Flash update, which addresses the vuln.

Like a long list of other A-list internet companies of late, Evernote got hacked and dutifully announced the same to its 50 million users. The company says no sensitive info was compromised.

Nevertheless, Evernote is requiring users to update their passwords, and has released updates for Evernote 5.0.6 for Mac (MAS) and Evernote 5.2.2 for iOS (iAS), both of which are said to include multiple security patches.

[u] In a statement provided to InformationWeek, Evernote spokeswoman Ronda Scott said, “We were already planning to roll out optional two-factor authentication to all of our users later this year. We are accelerating those plans now.”

Hopefully, that will be benefit than trouble whence it arrives — no mention from Evernote on the timing yet…

Feel safer?

Related posts:
Java for Mac OS X Updated for Snow Leopard, Lion, Mountain Lion
Mac Security: Adobe Patches Zero Day Flash Exploit
Java for Mac OS X 10.6 Update 12, Oracle Patches Available
Best Mac AntiVirus? You Have Choices
Mac Antivirus: Intego Virus Barrier, Net Barrier Save 30%

Leave your response!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.