HT201353: About the security content of Java for Mac OS X v10.6 Update 12
Learn about About the security content of Java for Mac OS X v10.6 Update 12Q: There have been several news reports about security problems with Java, and several have indicated that Java should still not be i ... There have been several news reports about security problems with Java, and several have indicated that Java should still not be installed on our computers. Does this update address the concerns raised in those news articles? more
-
All replies
-
Helpful answers
-
Feb 18, 2013 9:32 AM in response to TASchmittby John Galt,★HelpfulWhatever you read in the hyperventilating entertainment venue masquerading as "news" should be considered with a healthy degree of skepticism. Having said that Java is a potential vector for malware intrusion, and avoidance of it is a good idea. I have not needed Java for any reason in several years, and don't miss it a bit.
If you need Java, you have no choice: download it directly from Oracle and use it at your own risk. Disable Java when not in use. Configure your Safari Preferences like this:
If your banking or brokerage website requries Java, I seriously recommend finding another bank or broker.
-
Feb 18, 2013 10:07 AM in response to TASchmittby BobHarris,★HelpfulThe Java web browser plug-in is the primary problem child. Disable it in your browser. John Galt has show how to disable the plug-in for Safari. There are similar ways to disable the plug-in for other browsers.
If you are running a Java app, such as CrashPlan, then the Java issues are not a problem for you.
Again, it is the Java plug-in that is the security vector, and not Java applications.
If you have a web site that insists on using the Java plug-in then you should consider whether you really need to use that web site, or if they will work without the Java plug-in being enabled.Finally, do not confused JavaScript with Java. The only thing they have in common are the 1st 4 letters of their name. JavaScript is essential for most web sites these days, and should be enabled in your browser.
