Apple Fails to Patch Key Java Vulnerability
© bfick
Apple has been slow to fix a key Java vulnerability which has remained unpatched for months, according to a security memo released this week by Intego.
"While Apple's safety record is pretty good — that is to say the actual number of security breaches on the platform is small — it still has some work to do in terms of its reputation for security," writes Macworld's Dan Moren. "The company is often close-mouthed about its process for dealing with security fixes, and though it does issue updates throughout the year, vulnerabilities sometimes go unpatched for months at a time. Case in point: a Java vulnerability first patched by Sun over six months ago that's still open in Mac OS X."
"I would say, 'Folks, it's time to patch your systems,' but Apple has yet to provide such a patch," writes About.com's Mary Landesman. "Your best bet is to stop using Safari, switch to Firefox and install the NoScript addon to guard against hostile Web sites…"
More here from TUAW … more here from Computerworld … more here from InformationWeek … and more here from TechWhack.