Early last week, a zero-day vulnerability was discovered in Java, software that is developed by Oracle Corporation and part and parcel of the web and browsers.
Apple had taken steps to disable the use of Java 7 plugins on Macs, but now after Oracle released a Java 7 Update 11 patch for the vulnerability on Sunday, the fruity giant has also released its own Java 7 Update 11 today, to address the issues on the Mac.
The Java 7 Update 11 is the instant critical security update required to fix the zero-day exploit present in Java 7 Update 10 and previous versions of the Java software. According to Oracle, this latest update modifies the way in which web apps interact with Java on a local computer.
Java 7 Update 11 satisfies Apple’s anti-malware requirements for OS X. It is still however required that a minimum Java version of 1.7.0_10-b19 be maintained. The U.S. Department of Homeland Security still continues warn users that the Java browser plugin can still be a risk even after the update from Oracle.
Oracle states “the default security level for Java applets and web start applications has been increased from Medium to High.” It further states:
“This affects the conditions under which unsigned (sandboxed) Java web applications can run. Previously, as long as you had the latest secure Java release installed applets and web start applications would continue to run as always. With the “High” setting the user is always warned before any unsigned application is run to prevent silent exploitation.”
You can download the latest Java 7 Update 11 here or through any active program or browser that uses Java.
Source: ZDNet