Java patched again, Snow Leopard users blocked from older version (Updated)

Sponsored Links

Michael Rose
February 2nd, 2013
Java patched again, Snow Leopard users blocked from older version (Updated)

Update: Apple's Java team has quickly responded to the patch with a revised JVM for Snow Leopard, OS X 10.6. The Java for Mac OS 10.6 Update version 12 (APPLE-SA-2013-02-01-1) is available in Software Update, according to an Apple security email. It updates Java to 1.6.0_39.

Another week, another Java exploit: Computerworld notes that Oracle has once again updated the Java VM for all platforms to fend off a prospective exploit. The update is technically the scheduled February critical updates release, but the delivery was pushed up.

Unfortunately, while Mac users on OS X 10.7 Lion and 10.8 Mountain Lion can upgrade their JVMs using Oracle's installer for Java 7, Snow Leopard (10.6.8) machines are out of luck. Oracle's Java 7 installer won't run, and as of yesterday Apple's supplied Java 6 is blocked by Apple's own XProtect malware shield -- it won't do applets in Safari or Firefox until it's patched.

There are some hacky workarounds for either disabling/modifying the XProtect manifest (not recommended) or getting Java 7 to install on 10.6.8 (also not recommended) -- but if you need to run Java in the browser on 10.6.8, there aren't many better options.

Speaking of recommendations, TJ's Reasonable Guide to Java security is a good resource for managing your risks with Oracle's runtime

Thanks, Charles!

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget