Apple Kills Java On The Mac To Fight Malware Like Flashback


Don't trust the Java.
Don't trust the Java.

Apple released a small Java update for OS X users this Wednesday. The update effectively removed the Java applet plug-in that typically comes pre-installed in all web browsers on the Mac. Why? Well, Apple has been trying to distance itself from Java for quite some time, mainly due to the fact that most malware spreads via Java vulnerabilities.

Take the recent Flashback trojan, for example. Millions of Macs were comprised because hackers were able to exploit a security vulnerability in Java on the browser. You could visit a bad site with a corrupt Java applet and get infected. After this week’s update, Java is no longer included in browsers like Safari.

If you absolutely need Java for a certain website, then Apple allows you to download it directly from Oracle. It’s a good tradeoff because Apple gets to distant itself from the dangerous platform while also leaving room for “power” users to install Java anyway.

From Apple:

This update uninstalls the Apple-provided Java applet plug-in from all web browsers. To use applets on a web page, click on the region labeled “Missing plug-in” to go download the latest version of the Java applet plug-in from Oracle.

Please quit any web browsers and Java applications before installing this update.

Check for updates in the Mac App Store to grab this one if you haven’t already. By cutting ties with Java, we hopefully won’t see something like Flashback again.

Source: Apple

Via: Ars Technica


Daily round-ups or a weekly refresher, straight from Cult of Mac to your inbox.

  • The Weekender

    The week's best Apple news, reviews and how-tos from Cult of Mac, every Saturday morning. Our readers say: "Thank you guys for always posting cool stuff" -- Vaughn Nevins. "Very informative" -- Kenly Xavier.