Any risk from Java if you use a Mac?

jlister

Is there a risk to Mac users from Java 7, or does it only apply to Windows PCs?

Tags: apple, Java 7, mac
Topic: Security
Answer this Question

Answers

3 total
kreiley
Vote Up (25)

While the most recently discovered flaws an Java 7 may have been patched, there is still a general warning against using Java by the DHS. And yes, those patched vulnerabilities could be used against Mac systems as well as Windows. Remember the Flashback worm? Well, over 600,000 Mac users who bought into the "Macs don't get viruses" meme learned that they had been living in a fools paradise when their machines were infected. It is also worth mentioning that Apple hasn't provided Java for OS X since 6. Frankly, there is no compelling reason to continue using Java, and just because the most current round (of many) vulnerabilities has been patched, doesn't mean that they all have been. 

Christopher Nerney
Vote Up (22)

As long as there's a flaw to be exploited, I'd say yes. But Oracle reportedly has released an update that fixes the exploit about which the U.S. Department of Homeland Security had issued a warning.

 

 

jimlynch
Vote Up (20)

Here's how you can disable Java in Safari.

How to disable the Java web plug-in in Safari
http://support.apple.com/kb/HT5241?viewlocale=en_US&locale=en_US

"To disable the Java web plug-in in Safari, follow these steps:

In Safari, choose Safari > Preferences or press Command-comma (⌘-,)
Click "Security".
Uncheck (deselect) "Enable Java".
Close the Safari preferences window."

Ask a question

Join Now or Sign In to ask a question.
Google, Dropbox and the Open Technology Fund are supporting a new organization focused on making open-source security and privacy tools more user-friendly.
Among six major U.S. cities, CSOs are paid the most in San Francisco and New York, but factoring in the cost of living makes Denver and Chicago the best bang-for-the-buck places.
Apple's iOS 8 addresses a serious weakness that could allow attackers to hijack the wireless network authentication of Apple devices and gain access to enterprise networks.
Legislation introduced in the U.S. Senate on Thursday aims to place limits on access by U.S. law enforcement agencies to emails and other communications stored abroad.
Two online advertising networks, Google's DoubleClick and Zedo, have been delivering malicious advertisements that could install malware on a person's computer, according to the security vendor Malwarebytes.
Google is turning on data encryption by default in the next version of Android, a step that mirrors broad moves in the technology industry to ensure better data security.
CloudFlare said it has engineered a novel way to handle sensitive encryption keys that allows organizations such as financial institutions to still use its caching service to fend off cyberattacks.
Samsung on Thursday announced price reductions and updates for its Knox security and management software for IT shops and a free My Knox service that is directly available to professionals using ActiveSync.
The breach of Home Depot's payment systems may have compromised 56 million payment cards as a result of malware that has since been eliminated, the company said Thursday.
Apple outlined its new privacy policy and set up a site to explain what information it collects from users and how it handles it, as the company enters new areas like health tracking and mobile payments that have potential privacy implications.