How to Protect Your Mac from Java-based Malware

10

Comments

+ Add a Comment
avatar

Julzy

I realize it has been quite a while since this article was written or commented on (& my questions may be irrelevant or addressed elsewhere), but I'm not sure you really responded to the points made by geocar and muzll0dr and I have similar questions.

I think we all get (from the article & response) Mac isn't including JRE in the default to install, and that if you don't use Java applications, then you don't need the JRE enabled on your system -but what if you DO want to use Java applications??

What prompted me to search this topic in the 1st place was that I am downloading something that's asking me to update Java (which I did have to add previously). I wanted to find a way to make sure the update does not contain malware.

Since the focus of the article is to prevent Java malware by disabling JRE, my 1st question is, is there another way to protect yourself from Java-based malware other than just not using it? Secondly, how can you find out which applications use Java so that you can disable when it's not needed?
Thanks for any guidance!

avatar

geocar

What I don't understand is what I would be disabling if I disable Java on my Mac. What applications use Java? I'd appreciate knowing the answer before I start disabling.

avatar

stewkeene

Hi Cory, just wanted to thank you for writing some really good information. I'm a heavy MAC user in my Real Estate business and I follow the MAC Life blog on an RSS feed and read a lot of stuff that comes up. You really provide us some "value" content and I appreciate and share that on my Facebook page with my friends and co workers at eXp Realty. Rock On! Stew Keene - Scottsdale and Phoenix Area Real Estate Specialist

avatar

corybohon

Awesome! Thanks for reading! 

-Cory

avatar

muzll0dr

I'm sorry... doesn't disabling Java as a way to protect oneself equate with switching to a Windows computer to protect oneself from any OS X vulnerabilities? I know there are security holes in OS X (like any OS) so does that mean I should disable it? It just seems like flawed logic.

avatar

corybohon

If you don't use Java applications, then you don't really need the JRE enabled on your system. Java is just simply an add-on to the OS that makes the computer recognize and run Java apps. In fact, in Lion, Apple has stopped including any JRE in the default install. You have to download and install the JRE in a default Lion install in order to run any Java applications. 

Disabling Java is simply a preventive step to keep maliciouly-crafted Java applications from doing any harm to your Mac until a fix can be released.

-Cory

avatar

Bittles

Didn't Apple push out a software update that addressed this exploit yesterday? When I checked software update yesterday, Java was one of the updates.

avatar

corybohon

Apple did push out a Java update the other day, but it isn't yet clear if they fixed this issue because the Security Updates website doesn't yet list this software update: support.apple.com/kb/HT1222

avatar

driverajr

Thanks for this most EXCELLENT and very useful tip...you are the BEST reporter here! : )

avatar

corybohon

Thanks for reading! 

-Cory

Log in to Mac|Life directly or log in using Facebook

Forgot your username or password?
Click here for help.

Login with Facebook
Log in using Facebook to share comments and articles easily with your Facebook feed.