Apple releases new Java update, uninstalls Apple-provided Java applet plug-ins
Apple has released Java for OS X 2013-005, which “delivers improved security, reliability, and compatibility for Java SE 6”. The update is available in the Mac App Store.
Of note, the updates “uninstalls the Apple-provided Java applet plug-in from all web browsers.” New Macs do not come with Java installed and newer versions of Java are released and maintained by Oracle.
Apple’s decision to cut off internal support and development stems from the decreased necessity for the platform and the fact that Mac malware usually comes from Java security holes. On Apple’s security page for the latest update, it is noted that some holes existed in the software:
Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at http://www.oracle.com/technetwork/java/javase/releasenotes-136954.html