Jump to content
LilBambi

Apple adds even current Java to their X-Protect List

Recommended Posts

Apple and Mozilla - 'Just say no to Java' - NakedSecurity Blog - Sophos

 

 

As if advice from SophosLabs own Fraser Howard and the US Department ofHomeland Security are not enough reason to ditch Java, Apple and Mozilla have both decided to join the party.

This afternoon, Friday January 11th here on the North American West coast, Apple released an updated malware definition list for their XProtect pseudo-antivirus protection in OS X Snow Leopard and newer.

Instead of identifying a new virus, this updated definition temporarily disabled the Java Web Start browser plugin that enables Java applications to run inside of Safari/Firefox/Chrome.

 

Google Chrome already has users manually choosing if they want to run Java for some time now. Seems that was a wise move on their part. Java 7 wasn't working great on Macs anyway. And I even disabled Java entirely and removed it from the Google Chrome browsers where I use it as default.

 

More info on this at my blog here including this latest update from Apple and Mozilla on Friday January 11, 2013.

  • Like 1

Share this post


Link to post
Share on other sites

I like the run confirmation for a Java app. Lets me decide if I want to run it, and I don't have to go through the hassle of specifically enabling/disabling it if I need it.

 

Adam

  • Like 1

Share this post


Link to post
Share on other sites

Yep, me too. Now Firefox and Google Chrome have this. Google Chrome already had it for some time.

Share this post


Link to post
Share on other sites

heavy sigh.

one wishes oracle would at least repair java...

  • Like 1

Share this post


Link to post
Share on other sites

They did Temmu.

 

Oracle Releases Java 7u13 to Address Active Exploitation ‘In the Wild’ - intego Mac Security Blog - FEBRUARY 1, 2013

 

 

Posted on February 1st, 2013 by Derek Erwin

 

Oracle has just released Java SE 7u13, issuing an out-of-band update to address active exploitation “in the wild” of one of the vulnerabilities affecting the Java Runtime Environment (JRE) in desktop browsers. This update contains 50 new security fixes and applies to all versions of Java 7 before update 13.

 

Of course, it's a moving target as it is with all plugins for browsers, but great to see!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...