Apple has issued its own fix for a controversial set of Java vulnerabilities.
The company said that the Java SE 6 update would address flaws which could potentially allow an attacker to remotely execute code on a targeted system. The update patches the flaw in MacOS X 10.6 as well as the more recent Lion and Mountain Lion builds.
The Apple update will only address the flaw in the SE6 versions of Java for OS X, which Apple still maintains. The company handed development and maintenance of the Java platform back over to Oracle with the Java SE 7 build.
Oracle issued its own fix for the vulnerability in Windows, OS X and Linux systems last week, addressing vulnerabilities in Java SE7 and non-Mac versions of Java SE6. The issue does not impact stand-alone applications and server installations of Java.
The update drew headlines and criticism for Oracle before its release, when researchers revealed that the company had known about the vulnerabilities for months and did not release a patch until after active exploits for the issued had surfaced.
Oracle also drew heat after releasing the patch when researchers discovered additional security vulnerabilities in the Java 7 update itself.
The issue has lead a number of security experts to question the security of the Oracle Java platform itself. Some have even gone so far as to recommend that users and IT administrators consider limiting or even removing Java altogether in order to reduce the risk of any future attacks.
Why does Facebook store "my entire call history with my partner's mum", asks developer who requested his Facebook data
Facebook database included text-message metadata - despite not using Facebook Messenger for SMS
Before Ocado could start selling the technology it had developed to other retailers, it had to tear down and rebuild its own monolithic architecture
Successful attack could result in harm to patients and financial loss, warns NHS governing body
Guccifer 2.0 claimed to be a lone Romanian hacker - until a schoolboy error gave him, her or them away