Apple pours OS X Snow Leopard another Java fix

Company patches 34 flaws in the aged -- but still alive -- Java 6 for OS X Snow Leopard, Lion, and Mountain Lion

Apple on Tuesday patched Java 6 for OS X Snow Leopard, Lion and Mountain Lion, fixing 34 flaws that Oracle addressed the same day for Windows.

The update reiterated Apple's intent to keep patching Snow Leopard, the five-year-old operating system that remains the second-most-popular version on the Mac.

[ Also on InfoWorld: Apple keeps patching Java on OS X Snow Leopard after proposed drop-dead date. | Security expert Roger A. Grimes offers a guided tour of the latest threats and explains what you can do to stop them in "Fight Today's Malware," InfoWorld's Shop Talk video. | Keep up with key security issues with InfoWorld's Security Adviser blog and Security Central newsletter. ]

Because Snow Leopard users cannot upgrade to Java 7 -- Oracle's newest edition requires Lion or its 2012 successor, Mountain Lion -- they must rely on the older Java 6, which Apple maintains. Oracle itself deals out fixes for Java 7 bugs.

Apple is able to supply fixes for Java 6 because Oracle continues to investigate vulnerabilities and work up patches for the Windows version, even though it once pledged to retire the software in February. Oracle has not said how long it will continue to provide patches for Java 6 on Windows, and thus how long Apple will be able to issue security updates to customers running Snow Leopard.

Its website, for example, continues to claim that public support has ended.

Apple would be well-advised to keep patching Snow Leopard; in May the operating system powered 25 percent of the Macs that went online, according to statistics from analytics vendor Net Applications.

There's been little sign from Apple -- which is notoriously close-mouthed about its security practices -- that it plans to stop patching Snow Leopard any time soon. Earlier this month the Cupertino, Calif. company issued a security update of its own for Snow Leopard.

Apple's apparent decision to continue patching OS X 10.6, the numerical designation for Snow Leopard -- may be tested later this year when it launches OS X 10.9 Mavericks. At the time of Mavericks' debut, which Apple has pinpointed only as "this fall," the company will have four versions to support if it doesn't drop Snow Leopard from the list.

In the past, Apple only supported two versions simultaneously, the newest and the one immediately before that.

The Java 6 update for Snow Leopard, Lion and Mountain Lion can be retrieved by selecting "Software Update..." from the Apple menu, or by opening the Mac App Store application and clicking the Update icon at the top right. The update can also be downloaded manually from Apple's support site.

Java 7 for OS X, which was also patched Tuesday, can be downloaded from Oracle's website.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, or subscribe to Gregg's RSS feed . His email address is gkeizer@ix.netcom.com.

Read more about security in Computerworld's Security Topic Center.

This story, "Apple pours OS X Snow Leopard another Java fix" was originally published by Computerworld.

From CIO: 8 Free Online Courses to Grow Your Tech Skills
Join the discussion
Be the first to comment on this article. Our Commenting Policies