Apple has released Safari 6.0.4, and 5.1.9, which, together with a recent update to Java, provides site-specific settings for activating Java. As Java has become a widely-exploited vector for malware attacks, it's a good idea to keep it turned off if you don't need it. The problem is, however, that many people do need it, and the safest way to protect from drive-by attacks on malicious websites is to provide a site-specific activation method.
Safari 6.0.4 offers this. If you visit a website that tries to load a Java applet, a dialog will ask if you want to block or allow the applet. You can later go to Safari > Preferences > Security, and click on Manage Website Settings (just after the Allow Java option) to view a list of websites which have attempted to load Java applets. You can then change the behavior for each of those sites.
Get more info about Java and Safari in Apple's technical note.
Safari 6.0.4 offers this. If you visit a website that tries to load a Java applet, a dialog will ask if you want to block or allow the applet. You can later go to Safari > Preferences > Security, and click on Manage Website Settings (just after the Allow Java option) to view a list of websites which have attempted to load Java applets. You can then change the behavior for each of those sites.
Get more info about Java and Safari in Apple's technical note.
•
[10,155 views]
