Why did Apple take 5 months to fix 24 security holes in OS X Java?

happygeek 0 Tallied Votes 251 Views Share

Sun Microsystems managed to fix multiple security vulnerabilities in JDK and JRE months ago now, so why has it taken Apple so long to finally plug pretty much the same Java holes in Mac OS X?

Apple has known that its Java implementation has been, quite frankly, screwed since way back when. At least since April, because that is when Sun Microsystems started shipping security updates that fixed the flaws it had uncovered. Fast forward through the summer and, at long last, Apple has finally managed to sort out the problems with its own version of Java and announce updates to plug at least two dozen security holes in the OS X versions.

There are, in fact, two updates available to download from Apple. The first applies to Java for Mac OS X 10.4 and updates J2SE 5.0 to version 1.5.0_16, as well as Java 1.4 to version 1.4.2_18. The second applies to Java for Mac OS X 10.5, and promises "improved reliability and compatibility for Java SE 6, J2SE 5.0 and J2SE 1.4.2 on Mac OS X 10.5.4 and later" by updating Java SE 6 to version 1.6.0_07, J2SE 5.0 to version 1.5.0_16, and J2SE 1.4.2 to 1.4.2_18.

Apple notes that the release of J2SE 5.0 and J2SE 1.4.2 supports all Intel and PowerPC-based Macs, while Java SE 6 is available on 64-bit, Intel-based Macs only.

The big question that Apple has to answer is why so long? I mean, if Sun can ship fixes for Windows and Linux versions out 5 months back, why should Apple users have to wait until now? More to the point, why should Apple users have to be exposed to so many security flaws for such an extended period of time?

These are critical vulnerabilities after all, the kind that can enable an attacker to inject malicious code easily enough. If I were Apple, I would be slapping myself for being so lethargic. Just because Macs have a good reputation for being relatively secure, at least when compared to Windows and Linux systems, there is no excuse for looking like you simply don't give a damn!

Certainly, at this rate, pretty soon you won't be able to claim that Apple is better than Windows or Linux, fanbois...

Mathue 0 Newbie Poster

If you want this article to come off better you might want to correct fanboi to fanboy. Otherwise it really comes off as a geek having a snit. Someone needs to amend the Godwins Law to include 'fanboi' :)

http://en.wikipedia.org/wiki/Godwin's_law

dylan214u@yahoo 0 Newbie Poster

In your haste only one of those updates by Sun had anything to do with Apple. SOOooo it's not as bad as you made it seem.

jameskatt 0 Newbie Poster

You are so impatient.
Calm down.
Consult with Rosy Palm as much as possible.

There are ZERO viruses for Mac OS X.
There are NO attacks on Mac OS X computers.

The sky is not falling, Chicken Little.

And now, Mac OS X is even more secure.

batitombo 0 Newbie Poster

Hmmm?? Is funny how fanboys only apply to Apple users! I think Davey is a fanboy himself, first of all Linux also has a lot of vulnerabilities, not every one is a happy geek like you and uses apple for other stuff that Linux can't deliver. Apple is by far the best OS overall and deploying a java bug 5 month after is not gonna lose its place as the best OS. Linux needs a lot of work and windows, well I don't wanna get started there because there many reason why windows SUCK. I use linux ubuntu server and my mac to develop so I know what I'm talking about sadgeek.

IsaacU 0 Newbie Poster

IBM and Sun Microsystems both make computer systems for the corporate world. By purchasing Sun, IBM would get a leg up in the global finance and telecommunications markets. Representatives from both sides have yet to comment as of this writing. Sun Microsystems is both information technology and software company, and been recognized since the 80s. They had become one of the biggest competitors with Microsoft for IT and corporate software and hardware. However, after the dot com bust in the early 2000s, Sun Microsystems has begun to struggle a bit. Instant payday loans aren't really going to help them, but they have entered negotiations with IBM for a buyout that's supposed to total around $6.5 billion. News of the talks has boosted Suns' stock on the market. It may be the best move for them to avoid staring down bankruptcy, which would be a disaster for a firm as large as Sun Microsystems.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.