Java on Mac OS X Gets the Boot After Security Incidents
For the second time in two weeks, Apple pulled Java from its users’ browsers via an update to its XProtect anti-spyware scanner. The decision, based on the series of security incidents involving Java, has stirred a wave of complaints on the vendor’s support forums.
The XProtect update automatically disables all versions of the Java Web plug-in before version 18.104.22.168, as a number of reports from vulnerability-testing companies revealed that the latest version of Java can still be exploited.
Early in January, the US Department of Homeland Security issued a warning that Java should be disabled, as a weaponized piece of exploit code had made it into the world’s most famous attack kits.
Unfortunately for Mac users, they will most likely be unable to use Java until – most probably – February 4. However, given the serious security risks they could get exposed to, everybody is better off without Java for now.