Smokey Bearveritas odium paritPremium
Apple removes Java plug-in from Safari and other webbrowsers
DarkReading | Oct 18, 2012
Apple yesterday made another bold move in its efforts to double-down on security -- by removing its Java plug-in from Safari and other Web browsers.
In Apple's Java for OS X 2012-006 1.0 release, which came on the heels of an Oracle patch for Java this week, the Java applet plug-in gets automatically uninstalled from Web browsers. If users want Java applets to run via their browser, they have to download an applet directly from Oracle. Apple also upgraded its own Java version to the latest Oracle release, Java SE 6 1.6.0_37.
"This release updates the Apple-provided system Java SE 6 to version 1.6.0_37 and is for OS X versions 10.7 or later. This update uninstalls the Apple-provided Java applet plug-in from all web browsers," Apple's Java for OS X 2012-006 advisory says. "To use applets on a web page, click on the region labeled "Missing plug-in" to go download the latest version of the Java applet plug-in from Oracle."
Apple's update encompasses all browsers that don't include their own Java plug-in and use Apple's, says Paul Ducklin, head of technology for Sophos in the Asia-Pacific.
Security experts say Apple's dropping Java from the browser makes sense. "By ripping Java out of the browser, a lot of those malicious downloads are not going to find what they need to exploit," says Randy Abrams, research director with NSS Labs. "This was really a significant step. I'm guardedly optimistic that this means Apple is really beginning to take security more seriously."
»bit.ly/gUqYaH - C. Brian Smith: Think of the exclamation point as a car horn: a little goes a long way. Lay on it too hard and everyones going to think youre a moron.
Grand Rapids, MI
They sure did not like that flashback they were in denial for so long.
Gladiator Security Forum
BlackbirdBuilt for SpeedPremium
Fort Wayne, IN
|reply to Smokey Bear |
Wow... no Flash, and now no Java natively for Apple. That's got to be 90%+ of the anti-malware battle right there!
siljalineI'm lovin' that double widePremiumReviews:
|reply to Name Game |
Apple Kills Java In Macs' Browsers After A Slew Of Security Vulnerabilities
|reply to Smokey Bear |
Good, that makes the job of stopping Minecraft and others from native browser support. It will give a headache to so many out there but it does save me trying to tell my kids they can not use java for games and instead stay with the installer version if available.
It had to be done and thanks for the help supporting a safer internet, even if a little slow on response time. "Duty of Care" has to come into it at some stage.
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke