java

Apple issues Java, printer, iPhoto, and Aperture updates

Apple has issued a few updates for OS X users, including a new version of its in-house Java runtime environment, updated printer drivers, and new versions of iPhoto and Aperture.

The updates improve reliability, security, and compatibility overall, but for iPhoto and Aperture users Apple has specifically addressed the following details:

Photos can now be deleted from My Photo Stream by dragging to the Trash Photos can now be exported from Photo Stream using the Export command in the File menu Raw images manually imported from My Photo Stream are now editable Fixes a bug that could cause manually rotated … Read more

Apple adds site-by-site Java support to Safari for OS X 10.6

Apple has released an update to Safari for OS X 10.6 users which, along with the latest Java updates, gives Snow Leopard users the ability to enable Java on a site-by-site basis.

This news is in response to the development of the Java runtime that has moved it past official support for Snow Leopard. While the latest version of Java Apple developed (Java SE 6) is supported in Snow Leopard, support for this version of OS X ended when Apple passed the baton to Oracle to maintain Java.

With Java SE 7 requiring OS X 10.7 or later, … Read more

Oracle preps 128 security patches; Java gets 42

Oracle will release today 128 fixes for security vulnerabilities that affect "hundreds" of its products.

The software giant and Java maker said in a pre-release announcement today that four of the patches include fixes for Oracle's flagship database product, which can be exploited remotely without the need for a username or password.

Also, 29 security fixes will arrive for Oracle Fusion Middleware, with 22 of these also for preventing attacks without the need for authentication.

Affected components include Oracle HTTP Server, JRockit, WebCenter, and WebLogic.

Both Oracle products have a common vulnerability scoring system (CVSS) rating of … Read more

See which parts of the globe are currently lit with Sunlit Earth widget for Mac

When conversing with people from all around the globe, it is useful to know if it's day or night in their city. A simple glance at Sunlit Earth for Mac can help you with that.

Sunlit Earth for Mac offers a simple widget that displays the current position of sun and the sunlit portion of the globe. Knowing where the sun is currently can be useful when communicating with people worldwide, whether for business or simply when staying in contact with family or friends located in another time zone. This widget seems to be an easier solution in comparison … Read more

Google shows interest in ASM.js, Mozilla's plan for fast Web apps

At least some at Google want to embrace a Mozilla-backed project to speed up Web apps written with JavaScript -- even though it competes directly with Google's own Native Client and Dart programming technology.

Mozilla has been working for months on a technology called ASM.js, which it hopes will boost JavaScript performance, especially in combination with a related Mozilla-spawned technology called Emscripten. JavaScript powers Web apps such as Google Docs, and ASM.js is a special "extremely restricted" subset of the programming language that's designed to make it easier for developers to bring existing software … Read more

Outdated Java weak spots are widespread, Websense says

A new Websense report suggests that approximately 94 percent of endpoints that run Oracle's Java are vulnerable to at least one exploit, and we are ignoring updates at our own peril. 

According to security researchers at Websense, it's not just zero-day attacks that remain a persistent threat. Instead, Java exploits are now a popular tool for cybercriminals.

With so many vulnerabilities, keeping browsers up-to-date can become an issue -- especially as Java has to be updated independently from our preferred browser, and a mobile, cross-browser workforce is difficult to manage securely. Keeping this in mind, the security … Read more

Update OS X to ensure Java security

With the latest round of OS X updates Apple has addressed a number of bugs in its Mac operating systems; however, in addition one update is particularly pertinent for those who wish to maintain security with their Java installations.

Java has received some hard knocks recently with a number of security vulnerabilities that could potentially lead to malware execution on exploited systems, and as such, while uninstalling Java has been a preferred recommendation, one common recommendation for those who do need it is to just disable the Java Web plug-in; however, recent developments suggest doing this may not always render … Read more

Apple, Facebook hackers hit car and candy companies too

More details have been revealed about the massive cyberattack that hit several tech companies last month. Not only were Apple, Facebook, Microsoft, and Twitter hit -- but other industries' computer systems were also hacked, including prominent car manufacturers, U.S. government agencies, and a candy company.

According to The Security Ledger, people familiar with the matter said that hackers infiltrated computer networks by using at least three third-party "watering hole" Web sites, which made it possible for hackers to put malware on those companies' computers.

"The breadth of types of services and entities targeted does not reflect … Read more

More Java-based malware plagues the cross-platform runtime

Java cannot seem to get a break. Only a few days after patching the last zero-day vulnerability, two more exploits are being found that make use of the runtime. One, as noted by Kaspersky, is a recent exploit of the latest runtime's attempts to install a McRAT executable by overwriting memory in the JVM that will trigger the executable to run.

Once installed, the McRAT malware will attempt to contact command and control servers and copy itself into dll files in Windows systems.

This malware is specifically Windows-based; however, a second one outlined by Intego, is a Minecraft password-stealing … Read more