Apple blacklists Java on OS X to prevent latest “critical” exploits

Apple has blacklisted the latest version of the Java browser plugin to protect Mac users from the latest Java exploits. As noted by MacRumors, OS X now requires a newer, as-yet unreleased version of the Java plugin which is expected to patch a flaw that resulted from an incomplete patch added to Java last year.

Previously, OS X required point software updates in order to update its built-in protections against malware. Now, however, Apple can quickly update a malware definition file called Xprotect.plist, and OS X will check a secure Apple server for these updates on a daily basis. As of Friday, Apple has blacklisted the latest version of the Java plugin in Xprotect.plist, requiring a newer version to run Java applets in a browser.

The latest known security hole in Java is already being "massively exploited in the wild," according to security researchers. The US Computer Emergency Readiness Team (CERT) issued a warning that Java should be disabled in browsers until a patch is released by Oracle.

Read 1 remaining paragraphs | Comments