For more than six months after Sun Microsystems warned the world of flaws in its Java virtual machine, Apple finally released security updates for Mac OS X and Mac OS X Server 10.4.11 and 10.5.7.
Apple patched 32 vulnerabilities in its implementation of Java. The vulnerability allows a remote attacker to take control of a system or makes it easy for attackers to execute malware on users' Macs.
These ails are possible when users visit web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution,” according to Apple.
Mac owners can grab the latest Java version via Software Update or directly from Apple’s Support Downloads website.
Unlike other companies, Apple maintains its own versions of Java and works on patches internally, which may explain the delay.