Apple has blacklisted the latest version of the Java browser plugin to protect Mac users from the latest Java exploits. As noted by MacRumors, OS X now requires a newer, as-yet unreleased version of the Java plugin which is expected to patch a flaw that resulted from an incomplete patch added to Java last year.
Previously, OS X required point software updates in order to update its built-in protections against malware. Now, however, Apple can quickly update a malware definition file called
Xprotect.plist, and OS X will check a secure Apple server for these updates on a daily basis. As of Friday, Apple has blacklisted the latest version of the Java plugin in
Xprotect.plist, requiring a newer version to run Java applets in a browser.
The latest known security hole in Java is already being "massively exploited in the wild," according to security researchers. The US Computer Emergency Readiness Team (CERT) issued a warning that Java should be disabled in browsers until a patch is released by Oracle.