Multiple vulnerabilities in Java 1.6.0_41 could lead to “arbitrary code execution”

Mar 5, 2013 20:41 GMT

Apple has finally posted a security advisory that clearly states the purpose of Java for OS X 2013-002 and Java for Mac OS X v10.6 Update 14, two new updates rolled out by the Mac maker yesterday.

Java for OS X 2013-002 and Java for Mac OS X v10.6 Update 14 are available for Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, and OS X Mountain Lion 10.8 or later. Both updates address multiple vulnerabilities in Java 1.6.0_41.

According to the advisory, one of these vulnerabilities could allow a malicious Java applet to execute arbitrary code outside the Java sandbox.

“Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user,” Apple explains.

Oracle, the owner of Java, patched the issues and transferred the results over to Apple. The Mac maker, for its part, packaged the fixes inside the two aforementioned Java releases and addressed the vulnerabilities with its own updates.

Here’s more information about the patched security issues.