It is our thinking that in the case of JAVA, due to the cross OS nature and Apple's custom update cycle, it continues to be the attack vector platform of choice.

Ways to Eliminate any Threat from malicious JAVA Applets

If you do not need or use Java than disable it in Safari.

1. In Safari goto Safari>Preferences>Security and disable Java.
2. In Chrome visit Chrome://plugins and disable Java.
3. In Firefox Tools>Add-ons and disable Firefox.

Suggested Setting in the Java Preferences.app to Protect Your Mac

• In /Applications/Utilities/Java Preferences.app disable "Allow User to grant permissions to content from an untrusted authority."
• In /Applications/Utilities/Java Preferences.app disable "Use certificates and keys in browser keystore"
• In /Applications/Utilities/Java Preferences.app disable "Use personal certificate automatically if only one matches server request."
• In /Applications/Utilities/Java Preferences.app enable "Enable blacklist revocation check."
• In /Applications/Utilities/Java Preferences.app enable "Check certificates for revocation using CRL"
• In /Applications/Utilities/Java Preferences.app enable "Enable online certificate validation"
• In /Applications/Utilities/Java Preferences.app enable Verify mix security code. "Enable-don't run untrusted code, no warning." **This should be reviewed based on business needs.
• Review Trusted Publishers in Security pane.

Consider each option based on your specific business needs. For example, if you are developing jar/applets internally consider reviewing of the signing process to insure that all internal app/jar used for production systems and properly signed by your organization. You may also want to disable Java or create a custom seat-belt file.