This article originally appeared in TidBITS on 2013-06-21 at 1:37 p.m.
The permanent URL for this article is: http://tidbits.com/article/13868
Include images: Off

Java for OS X 2013-004 and Java for Mac OS X 10.6 Update 16

by Josh Centers

Apple has released Java for OS X 2013-004 [1] for OS X 10.8 Mountain Lion and 10.7 Lion and Java for Mac OS X 10.6 Update 16 [2]. Both update Java SE 6 to 1.6.0_51, but they have different effects on the built-in Java browser plug-in. The update for Snow Leopard enables per-site control of the plug-in, while the update for Lion and Mountain Lion removes Apple’s Java plug-in entirely, directing you to download Oracle’s plug-in if you need it. Apple’s security page [3] notes that these updates address several critical vulnerabilities that could cause arbitrary code execution outside of the Java sandbox, as well as 33 other vulnerabilities. The updates are available via the App Store app or Software Update and direct download, and Apple reminds you to quit any Web browsers and Java applications before installing either one. For more information about Java on the Mac, see “FlippedBITS: Java, JavaScript, and You [4],” 2 May 2013. (Free, 64.01 MB for 2013-004 and 69.48 MB for Update 16)

[1]: http://support.apple.com/kb/HT5717
[2]: http://support.apple.com/kb/DL1573
[3]: http://support.apple.com/kb/HT5797
[4]: http://tidbits.com/article/13730