Apple has released the Update 5 with the version 1.6.0_26 for Java for Mac OS X 10.6. The update addresses a lot of vulnerabilities which existed in the Java 1.6.0_24.
The most dangerous vulnerability may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. This can happen while visiting compromised websites. Further information about the issues fixed is available via the Java website at http://java.sun.com/javase/6/webnotes/ReleaseNotes.html
Apple has also created an incident page at http://support.apple.com/kb/DL1360. From this page it is also possible to download the package.
The update is available through the normal Apple update mechanism or by manually downloading the package from http://www.apple.com/support/downloads
Sorin Mustaca
Data Security Expert
Leave a reply
