Apple has announced it will be removing its default Java plugin from Safari, and other web browsers on Mac OS X, in a bid to maintain security from potential vulnerabilities of the older version. The move by Apple is days after Oracle announced a patch for Java, once again fixing security issues.
The update, called Java for OS X 2012-006 1.0, uninstalls the Java applet plug-in from web browsers. Users will still be able run Java applets via the browser however, if they download the plugin directly from Oracle. The update also upgrade’s the operating systems default Java version to the latest - Java SE 6 1.6.0_37.
The advisory says: "This release updates the Apple-provided system Java SE 6 to version 1.6.0_37 and is for OS X versions 10.7 or later. This update uninstalls the Apple-provided Java applet plug-in from all web browsers. To use applets on a web page, click on the region labeled "Missing plug-in" to go download the latest version of the Java applet plug-in from Oracle."
Dark Reading quotes Randy Abrams, research director with NSS Labs, as saying the move makes sense: "By ripping Java out of the browser, a lot of those malicious downloads are not going to find what they need to exploit. This was really a significant step. I'm guardedly optimistic that this means Apple is really beginning to take security more seriously."
Apple is definitely trying to protect its users, whilst trying to maintain the no hassle security that its computers are famous for. Cyber-criminals have started to target the Mac OS however, whether by click-based attacks, or via third-party plugins. Users are recommended to invest in an anti-virus suite for their Mac systems, despite previous deserved complacence.
Source: Dark Reading