Apple has released Java updates for Mac OS X 10.5 and Mac OS X 10.4. Java for Mac OS X 10.5 Update 4 and Java for Mac OS X 10.4 Release 9 patch a series of flaws that could let a remote attacker gain elevated privileges or execute arbitrary code on the victim's computer. The security updates address issues where attackers could use untrusted Java applets to gain elevated privileges on a victim's computer, or where visiting a web site containing a maliciously crafted Java applet could let an attacker run arbitrary code with the victim's current privileges.
Apple said:
Java for Mac OS X 10.5 Update 4 delivers improved reliability, security, and compatibility for Java SE 6, J2SE 5.0 and J2SE 1.4.2 on Mac OS X 10.5.7 and later.
This release updates Java SE 6 to version 1.6.0_13, J2SE 5.0 to version 1.5.0_19, and J2SE 1.4.2 to 1.4.2_21.
Please quit all web browsers before installing this update.
Java for Mac OS X 10.4, Release 9 delivers improved reliability, security and compatibility for J2SE 5.0 and J2SE 1.4.2 on Mac OS X 10.4.11 and later.
This release updates J2SE 5.0 to version 1.5.0_19 and J2SE 1.4.2 to version 1.4.2_21.
Please quit all web browsers before installing this update.
The Java updates are free from Apple Software Update or can be downloaded from following links:
Java for Mac OS X 10.5 Update 4 (158 MB)
Java for Mac OS X 10.4, Release 9 (80.11 MB)
UserAgent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.0.11) Gecko/2009060214 Firefox/3.0.11
