Reprinted from TidBITS by permission; reuse governed by Creative Commons
license BY-NC-ND 3.0. TidBITS has offered years of thoughtful commentary
on Apple and Internet topics. For free email subscriptions and access to the
entire TidBITS archive, visit http://www.tidbits.com/


   Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10

   Agen G. N. Schmitz

   Apple has released two Java SE 6 updates that deal with recent
   vulnerabilities identified by [1]Oracle. The [2]Java for OS X 2012-005
   update for OS X 10.8 Mountain Lion and 10.7 Lion deactivates the Java
   plug-in when no apps have run for an extended period of time. If the
   previous Java update for Lion wasn't installed ([3]2012-004), this
   update disables the Java plug-in immediately. The [4]Java for Mac OS X
   10.6 Update 10 for 10.6 Snow Leopard similarly configures Web browsers
   to not automatically run Java and deactivates after no app activity for
   an extended time. Both updates from Apple bring Java up to version
   1.6.0_35, and you can re-enable Java in both by clicking the region
   labeled 'Inactive plug-in' on a Web page. The updates are available via
   Software Update and direct download, and Apple reminds you to quit any
   Web browsers and Java applications before installing either one. (Free,
   67.2 MB and 81.9 MB)

References

   1. http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html
   2. http://support.apple.com/kb/DL1572
   3. http://tidbits.com/article/13065
   4. http://support.apple.com/kb/DL1573

.