November 29, 2022
Oracle Updates Java 7 to Fix Vulnerability, Sets Default Security Setting to High

Oracle Updates Java 7 to Fix Vulnerability, Sets Default Security Setting to High

Posted January 14, 2013 at 3:17pm by iClarified · 16358 views
Oracle has released an update to Java 7 following a warning from the U.S. Department of Homeland Security that the software is vulnerable to a serious flaw.

Apple had taken steps to block Java 7 on Mac OS X to protect users from malicious sites. By installing the Java update that block will be automatically lifted.

Notably, Oracle also raised the default security setting for Java from Medium to High.

Read More [via MacRumors]

-----
This Security Alert addresses security issues CVE-2013-0422 (US-CERT Alert TA13-010A - Oracle Java 7 Security Manager Bypass Vulnerability) and another vulnerability affecting Java running in web browsers. These vulnerabilities are not applicable to Java running on servers, standalone Java desktop applications or embedded Java applications. They also do not affect Oracle server-based software.

The fixes in this Alert include a change to the default Java Security Level setting from "Medium" to "High". With the "High" setting, the user is always prompted before any unsigned Java applet or Java Web Start application is run.

These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. To be successfully exploited, an unsuspecting user running an affected release in a browser will need to visit a malicious web page that leverages these vulnerabilities. Successful exploits can impact the availability, integrity, and confidentiality of the user's system.

Due to the severity of these vulnerabilities, the public disclosure of technical details and the reported exploitation of CVE-2013-0422 "in the wild," Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible.
-----

Oracle Updates Java 7 to Fix Vulnerability, Sets Default Security Setting to High
Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
iClarified Icon
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
You must login or register to add a comment...
NoGoodNick
NoGoodNick - January 14, 2013 at 3:23pm
Can this be true hmmmmm i wonder
Recent. Read the latest Apple News.
RECENT
Tutorials. Help is here.
TUTORIALS
How to Fix 'No Matching Host Key Type Found' on Mac
How to Stream the World Cup Using a VPN
Where to Download macOS Ventura
AppleTV Firmware Download Locations
Where To Download iPhone Firmware Files From
Deals. Save on Apple devices and accessories.
DEALS