Users are confirming that systems running Java 7 are failing to pass the check through Xprotect.plist with Java 7 version 1.7.0_10-b18 (the currently-available version from Oracle).
Adam Gowdiak, the CEO of Security Explorations (the company responsible for reporting the zero-day flaw) has said in an email interview with Softpedia that this is just another example of Java vulnerabilities stemming from the insecure implementation of the Reflection API.The issue affects all Java plugin versions from 4 through 7.
Gowdiak reports that the new attack is a combination of two vulnerabilities, adding that Oracle has been given a heads up about the issue in August 2012.
?The zero-day code would not work if Issue 32 was properly addressed,? Gowdiak mentions.
Apple is now blocking the Java browser plug-in on Macs running anything from OS X 10.6 (Snow Leopard) and newer. Users who are running an earlier version of OS X, such as Leopard, are instructed to disable Java manually.
Since Java 7 is not shipped by default on newer versions of OS X, numerous users remain unaffected. However, there are users who manually installed Java 7.
Safari users can easily disable Java by visiting the browser?s Preferences. There users must select the Security tab and uncheck the ?Enable Java? box.
Google Chrome users need to go to chrome://plugins to find the same options, and Firefox users must navigate to the ?Tools? menu, then ?Add-ons,? and select the ?Plugins? tab. Finally, users must click the ?disable? button in front of the Java Applet Plug-in.
Source: http://news.softpedia.com/news/Apple-Officially-Blocks-Java-7-in-OS-X-320678.shtml
vanna white michael robinson joe paterno memorial service taco bell breakfast menu ener1 national chocolate cake day epstein
No comments:
Post a Comment