MacRumors is bringing attention to a security issue that could affect Mac users. Java SE 7 Update 6, the most recent version of Oracle's Java, contains a zero day flaw that could allow the installation of executable code on your Mac if you visit a compromised web site.
Screen shot courtesy of Coyote Moon, Inc.
The problem is specific to Oracle's Java SE 7 updates 0 through 6. Apple currently delivers Macs with Java SE 6, the previous version of Java. So, although many sites are reporting this as a security issue for Macs, it's only a security issue if you manually updated to the most recent version of Java hosted on the Oracle site.
To determine which version of Java is installed on your Mac, do the following:
- Launch Java Preferences, located at /Applications/Utilities.
- Select the General tab.
- The version(s) of Java installed on your Mac will be listed. You may have more than one version installed, such as a 32-bit version and a 64-bit version. Make sure none of them say Java SE 7, with a version number of 0 through 6.
- If you do see Java SE 7 listed, remove the check mark from its box to turn that version of Java off.
My current update to Java says “14.3.0″. How come you only list 0-6? Is my update OK?
It sounds like you’re looking at the version number of the Java Preferences app, not the version number of Java. If you launch the Java Preferences app and select “About Java Preferences” from the Java Preferences menu, you’ll see the version number for Java Preferences.
What you need to check is the number for the version of Java that you’re running. Launch Java Preferences. In the Java Preferences window that opens, click the General tab.
The version(s) of Java that you’re running will be listed in the General tab’s window. If Java SE 7 is listed, click the box to the left of its name to deselect it.
Tom
I followed the instructions given and I found the following:
Java SE16 64 bit
Java SE16 32 bit
Also vendor and version no. which i won’t post here.
I have been working in IT for the last couple of years and something which comes up time and again is web security.
I think my next move will be to a big firm (such as Twitter or Google) to operate specifically on website and user protection.