A weakness has been discovered in Java 7 security making hundreds of millions of business and consumer users vulnerable to a serious flaw. The threat is serious enough that the US Department of Homeland Security has warned users to disable or uninstall Java software on their computers, ZDNet informs. Turns out the issue affects not only the Java 7 browser plug-in, but all versions of the java plug-in for web browsers.
As reported by MacRumors, Apple moved quickly to protect its customers and disabled the Java 7 plug-in on Macs where it is already installed by updating its “Xprotect.plist” blacklist to require a minimum of an as-yet unreleased 1.7.0_10-b19 version of Java 7, because the current version of Java 7 is 1.7.0_10-b18.
As a result, the anti-malware system built into OS X will get to action and won’t let through systems running Java 7.
Apple pushed its Java support back to Oracle in October 2010. Steve Jobs wasn’t satisfied with their arrangement with Java, because it resulted in Apple’s Java being a version behind that available through Oracle.
Since the transition closed – back in August – Oracle officially launched Java for OS X, but it isn’t by default on OS X. Therefore only users who manually installed Java are affected by the latest issue or were affected by earlier issues.