Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

 

 

Pick an apple! 
Become a TidBITS member!
 

 

TidBITS Watchlist
 
Set Your Default Printer

If you print mostly to a single printer, make sure it's selected in the Print & Fax preference pane's Default Printer pop-up menu.

Share your own tip! | Search TipBITS

 

 

Related Articles

 

 
Watchlist | 05 Mar 2013 | Print Printer-Friendly Version of This Article | Comment (3)

Java for OS X 2013-002 and Java for Mac OS X 10.6 Update 14

by Agen G. N. Schmitz Send Email to Author

Send Article to a Friend

Less than two weeks after its last Java updates, Apple has released Java for OS X 2013-002 for OS X 10.8 Mountain Lion and 10.7 Lion and Java for Mac OS X 10.6 Update 14 for 10.6 Snow Leopard. Apple’s security page notes that these updates address two critical vulnerabilities (CVE-2013-0809 and CVE-2013-1493), the latter of which has been actively exploited to, according to Oracle, “maliciously install the McRat executable onto unsuspecting users’ machines.” Once installed, McRat can then download further malware onto the affected computer. Both updates bring Java SE 6 up to version 1.6.0_43. The updates are available via the App Store app or Software Update and direct download, and Apple reminds you to quit any Web browsers and Java applications before installing either one.

If you don’t rely on Java for any critical apps, it might be time to remove Java entirely from your system. Over at Macworld, Rich Mogull recommends doing this, and describes how to extricate it from your Mac. If you need Java to run an app (such as the CrashPlan backup utility), Rich also explains how you can isolate Java by disabling it in the Safari, Chrome, and Firefox browsers. (Free, 63.8 MB and 69.3 MB)

 

READERS LIKE YOU! Support TidBITS by becoming a member today!
Check out the perks at <http://tidbits.com/member_benefits.html>
Special thanks to Ronald Weisman, Matt Neuburg, Stern Greg, and Philip
Matthews for their generous support!
 

Comments about Java for OS X 2013-002 and Java for Mac OS X 10.6 Update 14

David Lyles  2013-03-08 14:28
"If you don’t rely on Java for any critical apps . . ."

How do I determine this?
Adam Engst  An apple icon for a TidBITS Staffer 2013-03-09 08:10
There's no way to determine whether any given app uses Java, as fas I know, but there are some common apps that do. Notably:

* Adobe Creative Suite
* CrashPlan
* Minecraft
* OpenOffice

See this article for others.
http://www.zdnet.com/blog/bott/how-big-a-security-risk-is-java-can-you-really-quit-using-it/4749
Wayne Johnson  An apple icon for a TidBITS Supporter 2013-03-12 20:32
Aside from using specific apps like Adobe Creative Suite and Adobe Elements, I visit a number of financial service sites that rely on Java. In fact, both my banking and investment broker sites, which I visit daily, require Java. In short, it seems that I have no choice but to keep updating it.

I’m running OS X 10.6.8 and plan to continue using it for the foreseeable future. So far, I’ve experienced none of the Java-related issues that I read so much about. Same goes for Adobe’s much despised Flash plug-in.

I’ve filed the Macworld piece on removing/disabling Java, but for the time being I’ll keep doing what I’ve been doing: when I’m informed about updates, I download them, then nose around the web for any major issues related to them. If nothing serious surfaces in a week or two, I install them. So far, so good.