Apple issues Java security update

Apple Computer has released a Java update for Mac OS X to deal with flaws, one of which could enable malicious attackers to gain access to a system.

The Java 2 Standard Edition 5.0 Release 4 update, issued Monday, fixes a vulnerability in Java Web Start. The hole could allow a specially crafted application to bypass security restrictions and access resources on a system, potentially giving entry to an intruder. Java Web Start is a technology that loads Java applications over a network such as the Internet.

The update also patches a set of bugs in the "reflection" application programming interface, or API, parts of the Java Runtime Environment. These flaws could also allow an attacker to bypass security barriers to take control of a system.

The French Security Incident Response Team, or FrSIRT, rated the issues "critical" in an alert posted Tuesday.

The issues affect Mac OS X version 10.4.5 and the corresponding server edition of the operating system, which have Java 2 built into them. Apple advises people with this software to download and install the J2SE update.

The Java problems also have an impact on Microsoft Windows, Sun Microsystems' Solaris and Linux. In February, Sun issued an alert for the Web Start flaw and the Java Runtime Environment issues in these operating systems.

Santa Clara, Calif.-based Sun said at the time that it did not believe that the Web Start vulnerability had been exploited.

[mrpeabody3119]

So begins another MAC vs PC war

I want a clean fight.... MS fanboys - marketshare, MAC fanboys - It is the users fault (no really)

[mrpeabody3119]

So begins another MAC vs PC war

I want a clean fight.... MS fanboys - marketshare, MAC fanboys - It is the users fault (no really)

[shadowself]

Only one to fix?

"The Java problems also have an impact on Microsoft Windows, Sun Microsystems' Solaris and Linux."

So is Apple the only one to have fixed this?
OR
Is Apple the last one to fix this?

[shadowself]

Only one to fix?

"The Java problems also have an impact on Microsoft Windows, Sun Microsystems' Solaris and Linux."

So is Apple the only one to have fixed this?
OR
Is Apple the last one to fix this?

[Ganymede28211]

Just a suggestion...

I suggest that they add support to ad-ware and virus scanners to detect and remove any software that is deemed a total pain in the rear-end... First on the list.. JAVA.. in any variant on any OS....

[Ganymede28211]

Just a suggestion...

I suggest that they add support to ad-ware and virus scanners to detect and remove any software that is deemed a total pain in the rear-end... First on the list.. JAVA.. in any variant on any OS....

[Thomas, David]

Gee ...

I installed this update yesterday. Very interesting, that the "news" isn't "news" at all. Sort of after the fact. The point of "news" is to inform the public, or community, about something they don't know about.

Given this was an update to the Java runtime system, that included enhancements, as well as fixes, I can't figure out the "news" angle.

But I guess some alarmism is needed to keep as many viewers as possible.

[Thomas, David]

Gee ...

I installed this update yesterday. Very interesting, that the "news" isn't "news" at all. Sort of after the fact. The point of "news" is to inform the public, or community, about something they don't know about.

Given this was an update to the Java runtime system, that included enhancements, as well as fixes, I can't figure out the "news" angle.

But I guess some alarmism is needed to keep as many viewers as possible.

[J.G.]

More missing information

The article also does not make it clear that up-to-date Mac users
are already in 10.4.6. That should have been included since many
people would think from reading it that they are pass an issue the
article says is associated with 10.4.5.

[J.G.]

More missing information

The article also does not make it clear that up-to-date Mac users
are already in 10.4.6. That should have been included since many
people would think from reading it that they are pass an issue the
article says is associated with 10.4.5.