Apple Releases New Java Updates, Fix 17 Flaws

Apple pushed out a new batch of Java updates for Mac OS X 10.6.8 Snow Leopard and 10.7 Lion yesterday, bringing the two operating systems up to date with Oracle’s Java SE 6 Update 29.

Apple JavaApple pushed out a new batch of Java updates for Mac OS X 10.6.8 Snow Leopard and 10.7 Lion yesterday, bringing the two operating systems up to date with Oracle’s Java SE 6 Update 29.

In its update summary, Apple claims multiple vulnerabilities exist in Java’s previous build 1.6.0_26, including one that could allow an untrusted applet to execute arbitrary code outside the platform’s sandbox. Another could bring about arbitrary code execution when it comes to the user’s privileges. 

The update to version 1.6.0_29 fixes 17 flaws in total including:

  • CVE-2011-3389
  • CVE-2011-3521
  • CVE-2011-3544
  • CVE-2011-3545
  • CVE-2011-3546
  • CVE-2011-3547
  • CVE-2011-3548
  • CVE-2011-3549
  • CVE-2011-3551
  • CVE-2011-3552
  • CVE-2011-3553
  • CVE-2011-3554
  • CVE-2011-3556
  • CVE-2011-3557
  • CVE-2011-3558
  • CVE-2011-3560
  • CVE-2011-3561

As usual, the update can be downloaded via your computer’s Software Update preferences or from Apple’s Downloads page.

Suggested articles