Mac Security: Java for OS X, Flash, Evernote Updates [u]
Have a Mac running OS X Lion v10.7 or later with Java installed? Then you need to fire up the Mac App Store (a.k.a. Software Update) and get this Java for OS X Update. And, wow, what a weekend for Mac security! Evernote and Flash hacks made the rounds, meaning even more security-centric updates for the rest of us.
And, there’s this bit of boilerplate Apple’s been including with recent Java for Mac updates:
On systems that have not already installed Java for OS X 2012-006, this update disables the Java SE 6 applet plug-in. To use applets on a web page, click on the region labeled “Missing plug-in” to download the latest version of the Java applet plug-in from Oracle.
Apple has posted detailed update notes, but the details are exactly the same as those provided above — thanks for that. Likewise, the mothership hasn’t yet listed the security content of the Java for OS X 2013-002 Update — we’re welcome, we’re sure.
Needless to say, Java users need to apply both the Apple and Oracle’s patches.
An Eventful Weekend
Just in case you missed the Mac Security fun this weekend, Apple pushed a Xprotect update that blocked older versions of Adode Flash due to the appearance of an active, in-the-wild exploit. Get the latest Flash update, which addresses the vuln.
Like a long list of other A-list internet companies of late, Evernote got hacked and dutifully announced the same to its 50 million users. The company says no sensitive info was compromised.
Nevertheless, Evernote is requiring users to update their passwords, and has released updates for Evernote 5.0.6 for Mac (MAS) and Evernote 5.2.2 for iOS (iAS), both of which are said to include multiple security patches.
[u] In a statement provided to InformationWeek, Evernote spokeswoman Ronda Scott said, “We were already planning to roll out optional two-factor authentication to all of our users later this year. We are accelerating those plans now.”
Hopefully, that will be benefit than trouble whence it arrives — no mention from Evernote on the timing yet…