Apple releases Java update addressing critical vulnerability
Apple has released an update for Java that addresses the recently announced vulnerability, which has apparently been a long-standing bug in Java for OS X. The bug allowed code and applications to be run as the current user, which could be dangerous if you were logged in as an administrator.
We discussed the problem and workarounds in our past article on the issue, but the current updates from Apple should address it completely and prevent the vulnerability from being exploited. After applying the update, we tested the problem with the proof-of-concept Java applet that we referenced in our initial article on the issue, and the applet no longer works, which indicates the problem has been fixed.
The updates are available via Software Update, and also from Apple's downloads page for both Tiger and Leopard users:
Information about this update can be found here: http://support.apple.com/kb/HT3581
Information about this update can be found here: http://support.apple.com/kb/HT3593
The update does not require a restart, but will require you to quit your Web browser and relaunch it for changes to take effect.
While it's been a long time coming, we're glad Apple has tackled this problem. People who have disabled Java in their Web browsers can now re-enable it after applying this update.
UPDATE: The updates require the latest releases of their respective OS X versions to be installed. As such, people who have not updated to 10.5.7 (or 10.4.11 for Tiger users) will not be able to install this update. If you cannot update to the latest version because of some incompatibility, then we recommend you still keep Java disabled in Safari and other Web browsers.
Resources

Exception Type: EXC_BREAKPOINT (SIGTRAP)
Exception Codes: 0x0000000000000002, 0x0000000000000000
Crashed Thread: 0
Dyld Error Message:
Symbol not found: _GetSortedJVMVersions
Referenced from: /Users/wolf/Library/Internet Plug-Ins/JavaPluginCocoa.bundle/Contents/MacOS/JavaPluginCocoa
Expected in: /System/Library/Frameworks/JavaVM.framework/Versions/A/JavaVM
Try moving this file to the desktop:
/Users/wolf/Library/Internet Plug-Ins/JavaPluginCocoa.bundle
...and then try reinstalling the update.
thanks! that seemed to be it. I moved the file to the desktop but haven't reinstalled the update. now it seems to work.
thanks again,
wolf
It sounds like the plugin wasn't updated properly, so reapplying it should cause it to work; however, if it doesn't then this update is conflicting with another plugin you may have installed. As such, try troubleshooting them by removing them one-by-one (they should be in the same folder, or the /Macintosh HD/Library/Internet Plug-Ins/ folder) and relaunching Safari/Mail.
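Added example, not part of the original article or comments: a shell function that lists plug-in bundles present in both a per-user and the system-wide Internet Plug-Ins folder, the situation behind the dyld error quoted above, and reports whether the two copies differ. The function name and output format are assumptions made for this example; the default paths are the folders named in the comments.

```shell
#!/bin/sh
# Added example: find browser plug-in bundles that exist both in a per-user
# plug-in folder and in the system-wide one. The function name and output
# format are hypothetical; the default folders are the ones quoted on this page.

# shadowed_plugins USER_DIR SYSTEM_DIR
# Prints one line per bundle name present in both folders:
#   <name><TAB>identical|differs
# "differs" means the two copies do not have the same contents, so a software
# update may have replaced only one of them (as with the JavaPluginCocoa.bundle
# in the crash report, which looked for a symbol in the system JavaVM framework).
shadowed_plugins() {
    user_dir=$1
    system_dir=$2
    # Nothing to compare if either folder is missing.
    [ -d "$user_dir" ] && [ -d "$system_dir" ] || return 0
    for user_copy in "$user_dir"/*; do
        [ -e "$user_copy" ] || continue        # empty folder: glob did not match
        name=$(basename "$user_copy")
        system_copy="$system_dir/$name"
        [ -e "$system_copy" ] || continue      # only in the user folder: no duplicate
        # Recursive comparison of the two bundles; quiet, exit status only.
        if diff -rq "$user_copy" "$system_copy" >/dev/null 2>&1; then
            printf '%s\tidentical\n' "$name"
        else
            printf '%s\tdiffers\n' "$name"
        fi
    done
    return 0
}

# Default run: the per-user and system-wide folders mentioned in the comments.
shadowed_plugins "${HOME:-}/Library/Internet Plug-Ins" "/Library/Internet Plug-Ins"
```

A bundle reported as "differs" is the candidate to move aside, as suggested in the thread, before reinstalling the update.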
I also got an error message through Software Update. Downloaded from Apple site and that one updated successfully.
THANK YOU THANK YOU THANK YOU !!!!,
Mail and Safari apps start without crashing now.
Worked fine for me.
When I tried the patch, I got an error message that the update would only work with OS 10.5.7. I am running OS 10.5.6. This seems very strange since there is no mention of the version requirement anywhere. What gives?
I imagine it requires java patches that are in 10.5.7...dunno though.
From the MacRumors link to the Apple update [at http://support.apple.com/downloads/Java_for_Mac_OS_X_10_5_Update_4]-
"About Java for Mac OS X 10.5 Update 4
Java for Mac OS X 10.5 Update 4 delivers improved reliability, security, and compatibility for Java SE 6, J2SE 5.0 and J2SE 1.4.2 on Mac OS X 10.5.7 and later."
Software Update 'sees' that I do not have 10.5.7 installed (I'm only at 10.5.6) and does not present the Java update as an option to me.
Download the update again. Try Software Update's option, under its "Update" menu, to "Download Only", and run the updater it downloads.
or does this NOT show up in the plugins list for some reason?
I forgot to add the plugins list:-
Java Plug-in for Cocoa
Java Switchable Plug-in (Cocoa), from file "JavaPluginCocoa.bundle".
MIME Type Description Extensions
application/x-java-applet;version=1.3 Java applet
application/x-java-jnlp-file JNLP Applications jnlp
application/x-java-applet;version=1.5 Java applet
application/x-java-applet;version=1.2 Java applet
application/x-java-applet;version=1.2.1 Java applet
application/x-java-applet;version=1.1.3 Java applet
application/x-java-applet;version=1.4.2 Java applet
application/x-java-applet;version=1.1 Java applet
application/x-java-applet;version=1.1.1 Java applet
application/x-java-applet;version=1.3.1 Java applet
application/x-java-applet;jpi-version=1.5.0_19 Java applet
application/x-java-applet Basic Java Applets javaapplet
application/x-java-applet;version=1.4 Java applet
application/x-java-applet;version=1.1.2 Java applet
application/x-java-applet;version=1.2.2 Java applet
When, not if, a real, self-propagating nasty gets loose in the wild these people will be facing their personal data Armageddon.
I urge everyone to be diligent in keeping your systems patched and up to date. Fix your problems or, if you can't do it yourself, pay someone to fix your systems. This Java update installs without issues on stable, problem free systems. Ignore the "Don't install" crap.
You are my new best friend. Thank you for some words of wisdom and common sense!! I worked with a client this morning who gave me the "I should have the right to ..." speech. Sadly the answer is you don't have the right to load your computer with odd or old third-party software and out-dated Apple software and expect a trouble-free upgrade. There wasn't a lot we could do. It's easy to blame Apple but it's a developer's job to maintain their software. And it's a computer owner's job to keep his/her system clean, uncluttered and current.
- by tkessler June 16, 2009 7:46 AM PDT
- This is a reply to a previous comment by Ideas11
...red-line my car engine until it pops, and then have Toyota give me a new one for free! >:(