Tech Tips Home
The Best Tech Tips And Daily Deals
Newsletter On The Internet!

WorldStart Tech Tip And Store Search
Email: Password: Login Remember Me

Like what you see here? Subscribe to the Tech Tips newsletter!   Email: Subscribe

Apple Addresses Java Security Issues For Safari & OS X

Wednesday, July 31st, 2013 by | Filed Under: iOS, Mac OS

Apple recently released security updates for Mac OS X in order to address the various security vulnerabilities associated with Flash and Java. According to an Apple update report, the security update is designed to prevent various malicious applications purporting to be harmless codes or apps that could bypass the security measures implemented in the Java 7 and Flash players.

Adobe Flash Player Updates Released

In order to address the security holes in the older version of Flash players, Apple has blocked the older version of Flash and enforced a minimum security requirement for the newer Flash players through its Xprotect anti-malware system. This aims to block malicious Java programs from getting into the Mac devices. Ars Technica reported that Adobe addressed that issue with a new update for their product. Flash Player update 11.5.502.149 can be manually downloaded by Flash Player users. It is also available as an automatic update for Flash users who opted for an automatic update of the product.

Wild attacks have been reported using malicious Flash content on various Mac and Windows computers, targeting the Flash Player running in the Safari or Firefox platforms. In some instances, the users are  tricked into opening a Word document from Microsoft that has the malicious Flash content. Apple released a new document that will guide Mac users on how to safely download the latest update on Flash Player that will remove the threat of Flash player plug-in vulnerability.

Java 7 Plugin Security Threat Blocked by Apple

Once vulnerabilities in Java 7 were discovered, Apple was quick to address the issue by blocking the Java 7 plugin extension in Macs.  Apple’s Xprotect.plist blacklist was immediately updated to require using the latest Java 7 1.7.0_10-b19 version on Mac computers. The older version of Java 7 that is available in the public is the 1.7.0_10-b18 and if you are using this version, Apple’s anti-malware security system will continue to block the program on your Mac. ZDNEt noted that the US Department of Homeland Security also recommends disabling the entire patch of the Java 7 browser available in Oracle. Using the older Java 7 plugin poses the risks of identity theft and botnets running through your computer networks that are capable of carrying out denial of service attacks.

Apple used to run its own Java service in OS X, but later moved towards using Oracle in order to keep up with the latest Java updates in their devices. The risk of the malicious Java software is high among users who manually downloaded the public Java 7 program on their devices. An unconfirmed report has it that the Java 6 is vulnerable as well. The multiple vulnerabilities in Oracle Java 7 were revealed by the National Vulnerability Database, stating that the attackers execute arbitrary code that bypasses the security check.

Security loopholes covered by Apple security updates

Apple was quick in making the necessary updates which led to the release of the OS X Mountain Lion v10.8.4 and Safari 6.0.5. Among the updated features include improvement in handling cookies that could allow attackers to access the user’s session log, even when private browsing is used; prevention of arbitrary code execution from maliciously crafted sites; stronger authentication process and improved bounds checking. It’s important to make sure you have these updates.

As a web developer and writer, I enjoy answering your questions on Apple, Android and Google, so feel free to ask.

~ Stacy


Tags: , , , , , ,

Leave a Reply

Like these tips? Get them for FREE in your email!

WorldStart's Tech Tips Newsletter

  • Tech Tips Daily - Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

  • Tech Tips Weekly - If you don't want our Tech Tips newsletter every day, then sign up for this weekly newsletter to get the best information of the week. Sent on Fridays.

Other Newsletters

  • WorldStart's Daily Deals - Every week, we send out great deals in our Daily Deals newsletter. Many of these deals are exclusively for our Daily Deals newsletter subscribers and can't be found with our regular specials.

  • Just For Grins - Each issue includes a couple clean jokes, some funny quotes, and a hilarious reader's story. Newsletter is sent five days a week.

Enter Email Address:


Your e-mail address is safe with us!
We only use it to send you the newsletters you request. It is NEVER disclosed to a third party for any reason, ever! Plus, if you decided you don't like our newsletters (don't worry, you'll love them), unsubscribing is fast and easy.

Free Newsletter Signup

Tech Tips Daily

Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

Tech Tips Weekly

The week's best in tech and computer help. Get your issue sent to your email every Friday!

WorldStart's Daily Deals

The very best deals on the Internet! Get a new set of incredible sales every day of the week!

Just For Grins

Clean jokes, funny quotes, and hilarious comics. Sent 5 times a week straight to your email.


Love Worldstart? Refer A Friend!

WorldStart's Premium Membership

Tip Archive