Date: Friday, September 4th, 2009, 03:59
Late Thursday, Apple released an update to Java for Mac OS X 10.5 (“Leopard”). Apple Java for OS X 10.5 Update 5, a 161.3 megabyte download, includes fixes from all previous updates and brings with it improved reliability, security, and compatibility for the cross-platform technology.
According to Macworld, the update patches many Java-related security vulnerabilities, including some which allow untrusted Java applets to obtain elevated privileges via a Web page and potentially execute arbitrary code. There’s also a patch for Java Web Start that prevents a buffer overflow from quitting an application or executing arbitrary code.
The security patches in this fix were released by Java-maker Sun Microsystems in early August, marking an improvement in turnaround time for Apple. In the past, the company has lagged at rolling out fixes for Java, such as this past June, when Apple finally issued an update for a bug that Sun had patched over six months prior. Per Computerworld, the’s update does not fold in Sun’s most recent patch of August 11, which plugs further security holes.
The update requires Mac OS X 10.5.8 or later to install and run and can also be snagged and installed via Mac OS X’s Software update feature.