“As noted by ZDNet, a major security vulnerability in Java 7 has been discovered, with the vulnerability currently being exploited in the wild by malicious parties,” Eric Slivka reports for MacRumors. “In response to threat, the U.S. Department of Homeland Security has recommended that users disable the Java 7 browser plug-in entirely until a patch is made available by Oracle.”
“Apple has, however, apparently already moved quickly to address the issue, disabling the Java 7 plug-in on Macs where it is already installed,” Slivka reports. “Apple has achieved this by updating its ‘Xprotect.plist’ blacklist to require a minimum of an as-yet unreleased 1.7.0_10-b19 version of Java 7. With the current publicly-available version of Java 7 being 1.7.0_10-b18, all systems running Java 7 are failing to pass the check initiated through the anti-malware system built into OS X.”
Read more in the full article here.
MacDailyNews Take: Java is the new Flash.
Apple makes OS X even more secure for Mac users by removing Java – October 19, 2012
Apple uninstalls Java applet plug-in from all web browsers – October 17, 2012
New zero-day Java exploit puts 1 billion PCs and Macs running OS X 10.6 or earlier at risk – September 26, 2012
Warning: New Java trojan targets Apple’s OS X along with Windows, Linux – July 11, 2012
Apple releases Java Update to remove Flashback trojan – April 12, 2012
OS X trojan variant preys on Mac users with unpatched Java – February 27, 2012
Jobs: Having Oracle, not Apple, release timely Java updates better for Mac users – October 22, 2010
Apple deprecates its release of Java for Mac OS X – October 21, 2010