Skip to content
Thoughtful, detailed coverage of everything Apple for 28 years
and the TidBITS Content Network for Apple professionals

Apple Patches Nine-Month-Old Java Vulnerabilities

Fixes for a number of serious vulnerabilities in the version of Java in Mac OS X 10.4 and 10.5 were released by Apple today – about six months after Sun Microsystems released updated packages for all other platforms that Sun supports, including Windows. Apple releases its own updated versions of Java for Mac OS X.

As Rich Mogull discussed in “Protect Yourself from the Mac OS X Java Vulnerability” (2009-05-20), the flaws could allow a Java applet on a malicious Web site to execute arbitrary code on your computer, among other vulnerabilities. To work around the problem, Rich explained how to disable Java in Safari and Firefox. Rich also chided Apple for leaving such a major hole unpatched for so long.

The Java updates can be retrieved via Software Update, or at Apple’s Support Download site. The updates are listed for the last or latest releases of Leopard and Tiger: Mac OS X 10.5.7 (158 MB) and Mac OS X 10.4.11 (80 MB). No restart is required, but all browsers should be quit before installing the updates.

Subscribe today so you don’t miss any TidBITS articles!

Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For 28 years, we’ve published professional, member-supported tech journalism that makes you smarter.

Registration confirmation will be emailed to you.