Apple allows banned Java back on the Mac after update

Java back on the Mac after Oracle issues fix, until next time...

Enterprises who rely on Java are breathing a sign of relief today as Apple has issued an update to Java, returning it to the Mac.

As we wrote on Friday, Apple had barred Java from running on Macs, leaving companies that rely on Java plug-ins out in the cold.

Apple blocked Java 7 Update 11 by adding it to the banned list in XProtect.

Oracle released an update to the Java platform on Friday night. Java 7 Update 13 is available now with a build number of 1.7.0_13-b20.

In its notes about the update, Apple says: "Java updates are available that address a recently identified Java web plug-in vulnerability".

The company adds some advice about running, or rather not running Java on the Mac.

To help limit exposure to potential Java web app vulnerabilities, try to follow this best practice:Enable Java in your web browser only when you need to run a Java web app.Confine your web browser only to the websites that need the Java web app. Do not open any other websites.When you are done, disable the Java web plug-in. See How to disable the Java web plug-in in Safari.

It was the second time in two weeks that Apple had blocked Oracle's code from running on Macs.

The threat earlier in January was so serious that the US Computer Emergency Readiness Team, part of the US Department of Homeland Security, urged users to disable Java in their webbrowsers.

Java has come under fire as the means by which hackers have been able to gain control of computers. In April 2012 more than 600,000 Macs were reported to have been infected with a Flashback Trojan horse that was being installed on people's computers with the help of Java exploits.

Apple has already stopped bundling Java with OS X by default.

Follow Karen Haslam on Twitter / Follow MacworldUK on Twitter


Apple bans Java from Macs, businesses that rely on Java bereft

If you don't really need Java, get rid of it

Digest: A history of the Mac Flashback Trojan

Java security threats: What you need to know

Macs at risk from 'super dangerous' Java zero-day

Up close with Mountain Lion: Security

Join the CSO newsletter!

Error: Please check your email address.

Tags Mac softwarepatchesAppleapplicationssecuritysoftwareGraphics / multimediaOracle

More about AppleMacsOracle

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Karen Haslam

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts