Threat Level: green Handler on Duty: Pedro Bueno

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Another OS X Java Patch

Published: 2012-04-06
Last Updated: 2012-04-06 16:33:36 UTC
by Johannes Ullrich (Version: 1)
1 comment(s)

Only a couple days after releasing the critically late Java patch (2012-001), Apple released another Java update. At this point, Apple's site doesn't mention what this new patch fixes, or why it was released. But eventually, you may see details at http://support.apple.com/kb/HT1222 . Too bad that Apple isn't getting its security house in order. It appears that OS X has reached a level of market penetration that would require a company with a meaningful security response capability behind it.

Just a couple of additional pointers for OS X security:

- Sophos is making a free Antivirus product for OS X. I am running it for a few months now without bad side effects. http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx

- You can try and enable "Gatekeeper" on OS X Lion. This feature will prevent unsigned software from running. This feature will be fully integrated once the next version of OS X (Mountain Lion, OS X 10.8) arrives, but has been included in OS 10.7.3 . To activate it, you need to run: sudo spctl --enable . Expect it to complain about a lot of "normal" software as most OS X software right now is not yet signed. (but you can always allow it to still run). 

Otherwise: Keep good backups... 

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

Keywords: java os x patch
1 comment(s)
Diary Archives