how to overcome security flaw with java?

Joined
Sep 19, 2012
Messages
331
Reaction score
0
Points
16
Location
HONGKONG
Your Mac's Specs
Catalina 10.15.3
I have a macbook pro retina, and heard that there is a security flaw with java, and viruses can infect your computer just by browsing, l have 3 browsers just now, safari, firefox and chrome. l read that Apple has disabled java, the thing is l can still access my trading software which requires java to run. whats happening, and will it leave me more vulnerable using my java based software?
thanks
 

cwa107


Retired Staff
Joined
Dec 20, 2006
Messages
27,042
Reaction score
812
Points
113
Location
Lake Mary, Florida
Your Mac's Specs
14" MacBook Pro M1 Pro, 16GB RAM, 1TB SSD
I've moved your post to a more proper forum; please be sure to check the forum descriptions to find the best place to post.

By posting in the right forum you help people not only find your question faster, but it helps others looking for the same information in the future.

Thanks for understanding!
 
Joined
Oct 22, 2007
Messages
8,967
Reaction score
287
Points
83
Location
London
Your Mac's Specs
Mac Mini Core i7 2012 | White 2009 MacBook 2 Ghz | 733 Mhz G4 Quicksilver
OPen up Terminal (/Applications/Utilities/) and type
java -version

if it says version 1.6 you are OK, the vulnerability is in version 1.7
 
Joined
Feb 26, 2010
Messages
2,116
Reaction score
123
Points
63
Location
Rocky Mountain High, Colorado
Your Mac's Specs
1.8 GHz i7 MBA 11" OSX 10.8.2
What version of OSX are you running? Did you run an update?
Java for OS X 2012-006
Did you download Java from Oracle?

The original problem was that Apple was bundling its own Java - and some security flaws were found. Oracle had updated Java but Apple didn't get around to including the updates. Apple - then decided to remove Java - and make you get the latest Java from Oracle.

Just like any piece of software - Java can have vulnerabilities. It has become a target of late as it is cross platform (runs on many machines) so any exploit has the possibility of affecting a lot of people. Flash also has the same issue - so it has become a target as well.

Unfortunately - there are still a lot of websites that use Java/Flash/etc for legitimate reasons - so people have to keep the programs around. Safe browsing habits help - but any time there is a XSS type vulnerability - it is very dangerous. You could run extensions like Adblock, noscript, cookie manager, to alleviate the issue - but that usually makes browsing annoying for users. I do use all those apps and am willing to have to approve everything on a website - but most people are not willing to browse like that.
 
OP
A
Joined
Sep 19, 2012
Messages
331
Reaction score
0
Points
16
Location
HONGKONG
Your Mac's Specs
Catalina 10.15.3
OPen up Terminal (/Applications/Utilities/) and type

if it says version 1.6 you are OK, the vulnerability is in version 1.7

thats cool, l see that it is build 1.6, thanks so much for help:)
 
C

chas_m

Guest
Lots of bad info here. Please read this and get the real story:

Apple quietly blocks Java 7 in OS X | MacNN

Please note the following:

1. The Java BROWSER PLUG-IN is affected by this problem. Not a Java installation.

2. No viruses. Still.

3. Fix coming Tuesday. If you're not using Safari or Firefox as your browser, manually disable Java in your browser for a few days. And, since this is not the first time this has happened and almost certainly will not be the last, ask yourself how reliant you are on Java and maybe reconsider turning it back on if you can get by without it (most Mac users do and aren't even aware they are not running it).
 

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)
For anyone reading this running Java 7 (1.7), Oracle has patched it. Update it from the Java Control Panel.

Also of note - since Chrome is 32bit, it can't run Java 7 (which only ships as a 64bit binary) so you're okay if you're running Chrome as well. However, you should still update it if you're running Java.
 

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)
Well then, Java may not be fixed after all, haha.
 

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)
Is that even a real question? That's like asking if Flash will ever be fully secured. ;)
 
Joined
Feb 26, 2010
Messages
2,116
Reaction score
123
Points
63
Location
Rocky Mountain High, Colorado
Your Mac's Specs
1.8 GHz i7 MBA 11" OSX 10.8.2
Back in the early days (when wires were still prevalent) - my friend took a security class. The first thing the teacher does - is ask - Do you want to know how to secure your computer? He then proceeds to pull the ethernet wire from the back of the computer.

(Of course that is ignoring sneakernets, boot disks, power on reset, single user logins and the like)

(I can't believe I can tell old timey stories)
 

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top