[MacOS] Critical Safari and Firefox Java Exploit


Landon Fuller reports that an almost six months old Java exploit has still not been fixed for Mac OS X. The exploit allows to compromise the Java sandbox in order to break out and run commands with the permissions of the executing user.


This issue is classified as serious as Java applets containing malicious code may be executed just by visiting a web page. Ladon Fuller says an illegal exploit is available in the wild. He prepared a proof of concept exploit that will make your Mac OS X computer say “I am executing in a user process“.

Applies to

The exploit aswell applies to Intel as to PowerPC based Mac OS X systems running Safari or Firefox.

More information

Some more background information and workarounds may be found on Fuller’s site.

One thought on “[MacOS] Critical Safari and Firefox Java Exploit

  1. beachball

    Considering the Apple Ads about virus-plagued and unsafe PCs, this is ridiculous and sad at the same time. Repeatedly.

Leave a Reply

Your email address will not be published. Required fields are marked *