Xprotect security OSX and Java

I was curious about how Apple managed to quickly respond and disable Java after the CERT and SEI vulnerability warnings remotely. Some googling later, figured out that the Xprotect security mechanism in OSX Lion operates on this file which can be remotely updated by Apple - mine seems to have been on Feb 8, 2013.

/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta.plist

Xprotect Meta Plist Lion

Interesting to see Flash listed in this same block list as well.

Leave a Reply