HT5228: About the security content of Java for OS X Lion 2012-002 and Java for Mac OS X 10.6 Update 7Learn about About the security content of Java for OS X Lion 2012-002 and Java for Mac OS X 10.6 Update 7
Currently Being ModeratedApr 11, 2012 12:56 PM (in response to nichol28)
There was a security hole in Java, and Java code is downloaded from various web sites, and the downloaded Java code could then escape the confines of the so-called Java sandbox and malicious code could then do what it wanted with your Mac
For folks that are not on 10.6 (and thus don't have access to one of the Java patches available for 10.6 and 10.7), then you can lock out execution of Java code in your preferred web browser settings. This'll prevent the most common path for downloading the attacks.
Currently Being ModeratedApr 11, 2012 3:22 PM (in response to Niel)
Everywhere I read said the Java update would show up in my Software Update. I checked it for several days after it was released yet that update was not listing for me.
So I took the initiative to download the Update for Lion via Apple's software download section.
Did I do the right thing? Better yet, why wasn't the Java update shown as an update when I checked in my Software Update. I am beginning to think maybe I did not do the right thing.
Anyhow, it's listed as installed (Java for OS X 2012-002) but without a version number.
Currently Being ModeratedApr 11, 2012 3:39 PM (in response to Niel)
Does having Java preferences app listed in Applications mean anything? I was under the impression that my iMac purchased back in September automatically came installed with Java. I was trying to find out which version I had before I did the upate through Apple but when I clicked on that app to open, a window popped up saying something to the effect "to view install blah." After the software update, the app is now showing the two bit versions of Java SE 6.
Is that what you mean? I techinically did not have Java installed, hence why the latest update was not showing?
Currently Being ModeratedApr 11, 2012 5:02 PM (in response to rednano74)
You apparently do not have Java installed, though you can choose to install it.
If you haven't needed Java yet, then I wouldn't install it here (just) because of this patch.
If you'd like to verify that Java installation status, then navigate to Applications > Utilities and launch Terminal.app, and enter the command:
$ java --version
You'll then get a message indicating the Java version if Java is installed, or you'll get an indication that Java is not installed and downloading Java will be required, and a dialog box asking if you want to do that. If you don't want to install Java now, then cancel that dialog box by clicking "Not Now". Here's an example of what you'll get if it's not (currently) installed:
$ java --version
No Java runtime present, requesting install.
Click the Not Now button in the dialog box that the command will trigger to avoid installing Java.
If you do choose to download and install Java, you'll either get the latest version, or you'll get an older version and will then be offered the Java update.
If you do choose to install Java, I'd recommend disabling Java access in Safari and your other web browsers, until and unless that is needed.
Currently Being ModeratedApr 11, 2012 6:06 PM (in response to nichol28)
I don't know much about this security program, what exactly does this protect from?
I am guessing this is not for antivirus purpose, am I correct?
It is just a software update that includes security fixes. Apple releases these all the time. The only thing unusual about this one is that someone actually managed to write an exploit for a security problem before Apple fixed it.
Currently Being ModeratedApr 11, 2012 6:57 PM (in response to MrHoffman)
I was getting that box option to download but didn't really know what/why it was asking. I installed the latest update and apparently that pushed the installation of Java because now I do not get that box option.
Typing in java -version tells me which version I have.
Kinda wish I never installed the java update.
I did uncheck java for Safari to be extra safe.