Forum latest

Apple has yet to patch "critical" Java vulnerability
Security
Written by Daniel   
Wednesday, 20 May 2009 11:57

A vulnerability in the Java virtual machine, which can allow arbitrary code execution, was publicly disclosed and fixed by Sun last December. However, security experts warn that the JVM in Mac OS X still remains un-patched against the vulnerability.

By Chris Foresman | Last updated May 20, 2009 11:05 AM CT

Mac OS X contains a serious security vulnerability in its implementation of Java, according to several security experts. The vulnerability remains in the software even after Sun had disclosed and patched the problem and Apple had been notified of the issue by at least one security researcher.

A vulnerability related to de-serializing certain Java objects can result in arbitrary code running outside of the JVM's sandbox with the same privileges as the current user. It was reported to Sun in August 2008, and in December 2008, Sun disclosed the vulnerability and issued a patch. Despite recent security updates from Apple, researches say this "critical" vulnerability still exists in Mac OS X.  [ARS Technica...]    [Comments...]

 

See also

None found.


Hardware | Windows | Linux | Security | Mobile Devices | Gaming
Tech Business | Editorial | General News | folding@home

Forum | Download Files

Copyright ©2001 - 2012, AOA Forums.  All rights reserved.

Alliance of Overclocking Arts

Links monetized by VigLink

Don't Click Here Don't Click Here Either