
Secplicity - Security Simplified

Powered by WatchGuard Technologies

Latest OS X Java Updates Prevent Code Execution

March 8, 2011 By Corey Nachreiner

Summary:

  • This vulnerability affects: OS X 10.5.x (Leopard) and 10.6.x (Snow Leopard)
  • How an attacker exploits it: By enticing your users to a malicious website containing specially crafted Java applets
  • Impact: In the worst case, an attacker executes code on your user’s computer, with that user’s privileges
  • What to do: Install Java for OS X 10.5 Update 9 or Java for OS X 10.6 Update 4 as soon as possible, or let Apple’s updater do it for you.

Exposure:

Today, Apple issued two advisories [ 1 / 2 ] describing Java security updates for OS X 10.5.x and OS X 10.6.x. The advisories warn of 16 vulnerabilities in OS X’s Java components (number based on CVE-IDs).

Apple doesn’t describe these flaws in specific detail; rather, it shares only the potential impact of the worst-case flaw. By luring one of your users to a malicious website containing a specially crafted Java applet, an attacker can exploit some of these Java flaws to either execute code or elevate privileges on your users’ OS X computers. In most cases, the attacker would only gain the privileges of the currently logged-in user, which doesn’t include root or administrator access in OS X. Nonetheless, we recommend you install Apple’s OS X Java update as soon as possible.

Solution Path:

Apple has issued Java for OS X 10.5 Update 9 [dmg file] and Java for OS X 10.6 Update 4 [dmg file] to correct these flaws. If you manage OS X 10.5.x or 10.6.x computers, we recommend you download and deploy these updates as soon as possible, or let OS X’s automatic Software Update utility install the proper update for you.

For All WatchGuard Users:

Some of these attacks rely on one of your users visiting a web page containing malicious Java bytecode. The HTTP-Proxy policy that ships with most Firebox models automatically blocks Java bytecode by default, which somewhat mitigates the risk posed by some of these vulnerabilities.
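
To illustrate the kind of content check this mitigation relies on, here is an added example (not WatchGuard's implementation and not part of the original alert) that classifies a downloaded response body as Java bytecode. The function names and sample bodies are constructed for illustration; it also handles the OS X-relevant edge case that Mach-O universal binaries share the class-file magic number.

```python
import io
import struct
import zipfile

CLASS_MAGIC = b"\xca\xfe\xba\xbe"  # class-file magic, shared with Mach-O universal binaries
MIN_CLASS_MAJOR = 45               # major version of the earliest class-file format


def is_java_class(head: bytes) -> bool:
    """True if the first 8 bytes look like a compiled Java class file."""
    if len(head) < 8 or head[:4] != CLASS_MAGIC:
        return False
    # Class file: u2 minor_version then u2 major_version follow the magic.
    # Universal binary: a u4 architecture count follows instead, a small
    # number, so the same two bytes read as a "major" far below 45.
    _minor, major = struct.unpack(">HH", head[4:8])
    return major >= MIN_CLASS_MAJOR


def classify_body(data: bytes) -> str:
    """Return 'java-class', 'java-archive' or 'other' for a response body."""
    if is_java_class(data[:8]):
        return "java-class"
    if data[:4] == b"PK\x03\x04":  # ZIP local file header: possible JAR
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as archive:
                for name in archive.namelist():
                    if not name.endswith(".class"):
                        continue
                    # Read only the header bytes, never the whole entry.
                    with archive.open(name) as entry:
                        if is_java_class(entry.read(8)):
                            return "java-archive"
        except zipfile.BadZipFile:
            return "other"
    return "other"


# Constructed sample bodies (not captured traffic).
SAMPLE_CLASS = CLASS_MAGIC + struct.pack(">HH", 0, 50) + b"\x00" * 16
SAMPLE_FAT_MACHO = CLASS_MAGIC + struct.pack(">I", 2) + b"\x00" * 40


def sample_jar() -> bytes:
    """Build a constructed in-memory JAR holding one class-file stub."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("Applet.class", SAMPLE_CLASS)
    return buf.getvalue()
```

A filter built this way flags bytecode regardless of the file extension or Content-Type the server claims, which is why the version check matters: without it, legitimate OS X universal binaries would be misclassified as Java.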

Status:

Apple has released Java updates to fix these issues.

References:

  • Apple’s OS X 10.5 Java Update 9 advisory
  • Apple’s OS X 10.6 Java Update 4 advisory
  • Apple software downloads
  • Apple security updates

This alert was researched and written by Corey Nachreiner, CISSP.

Filed Under: Security Bytes Tagged With: Apple, code execution, leopard, Oracle, snow leopard, Updates and patches
