Skip to content
Thoughtful, detailed coverage of everything Apple for 28 years
and the TidBITS Content Network for Apple professionals
3 comments

Java for OS X 2013-002 and Java for Mac OS X 10.6 Update 14

Less than two weeks after its last Java updates, Apple has released Java for OS X 2013-002 for OS X 10.8 Mountain Lion and 10.7 Lion and Java for Mac OS X 10.6 Update 14 for 10.6 Snow Leopard. Apple’s security page notes that these updates address two critical vulnerabilities (CVE-2013-0809 and CVE-2013-1493), the latter of which has been actively exploited to, according to Oracle, “maliciously install the McRat executable onto unsuspecting users’ machines.” Once installed, McRat can then download further malware onto the affected computer. Both updates bring Java SE 6 up to version 1.6.0_43. The updates are available via the App Store app or Software Update and direct download, and Apple reminds you to quit any Web browsers and Java applications before installing either one.

If you don’t rely on Java for any critical apps, it might be time to remove Java entirely from your system. Over at Macworld, Rich Mogull recommends doing this, and describes how to extricate it from your Mac. If you need Java to run an app (such as the CrashPlan backup utility), Rich also explains how you can isolate Java by disabling it in the Safari, Chrome, and Firefox browsers. (Free, 63.8 MB and 69.3 MB)

Subscribe today so you don’t miss any TidBITS articles!

Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For 28 years, we’ve published professional, member-supported tech journalism that makes you smarter.

Registration confirmation will be emailed to you.

Comments About Java for OS X 2013-002 and Java for Mac OS X 10.6 Update 14