Apple again blocks Mac Java plug-ins over security threats

“Apple blocked the Java 6 and Java 7 plug-ins for the third time this year [for] Mac users on Thursday over more potential security threats,” Jeff Gamet reports for The Mac Observer.

“Mac users running versions of Java that are earlier than version 6 update 51 and version 7 update 25 can no longer run Java code on their computer until they update to a newer version,” Gamet reports. “Apple hasn’t uninstalled Java from users’ Macs, and instead has simply disabled the older versions of the plug-in, which means apps and websites that rely on Java either won’t work or will be partially non-functional.”


16 Comments

      1. for fuck sake you anal asses. Joker, I get it. Damn near pissed myself after seeing you strike, yet again. keep it going and for the rest of you ass pickles, STFU and smell the sarcasm.

  1. Hey, they are just looking out for their users. We advise everyone at my work to stay current with Java releases. When we find an app that requires an older version of Java, we sandbox it or dump it if feasible.

  2. Actually, ALL versions of Java 6 are now considered unsafe:

    http://www.informationweek.com/security/vulnerabilities/hackers-target-java-6-with-security-expl/240160443

    I’m surprised Apple didn’t block Java 6 entirely. The only, *cough*, ‘safe’ version of Java is currently 7u25. Otherwise, go digging for the “JavaAppletPlugin” and TRASH IT! The thing should be located here:

    /Library/Internet Plug-ins/JavaAppletPlugin.plugin

    If the version number for the plugin does NOT say “Java 7 Update 25”, then doom shall reign upon your computer! Java SUX, Oracle SUX. 😛

  3. I wish they’d bloody well stop mandating this and give OSX users the choice instead. Some apps I have need Java. No, I’m not happy about that, but those are the ones the vendors supply and I have to use them.

    Apple obviously thinks we’re all idiots unable to look after and secure our own computers….

      1. I’ve never played Minecraft nor do I ever plan to.

        I’m a network engineer. Java still gets used a lot for network monitoring tools. Unless I plan to drop down into the CLI of each device and keep hitting the up arrow and ENTER there’s currently no easy way to get up to date logging information off a lot of these boxes.

        In the big wide world known as adulthood there are real uses for Java, you see 😉

    1. There is an important difference between the Java Internet plug-in, which is what’s causing ALL the problems, and the Java that Apple build into the System of OS X. They are NOT the same thing and have no cross functionality.

      Let me paste below a question I received at my Mac-Security blog as well as my reply. It will provide some further details:

      Q: I suppose that this means the end of Cyberduck and other free software that relies on Java 6. Is that so?

      A: Short answer: No. All Java 6 dependent applications will continue to run great on OS X. The Java problems are only related to Java applets on the Internet, therefore the JavaAppletPlugin, as noted above. No worries.

      In my attempt to keep things simple, I avoided discussing the Java implementation Apple provide within OS X. That is an entirely separate issue, one that is currently NOT a problem.

      If you dig down into the System folder in OS X, you’ll find that Apple provide a version of Java that is specifically and only used for Java applications. This implementation of Java has NOTHING to do with running Java applets on the Internet. You will find this separate installation of Java here:

      /System/Library/Java/

      If you have an up-to-date version of OS X installed, you have Java 6u51 installed in the System. That was as of the ‘Java for OS X 2013-004’ update. You can read about the update here:

      http://support.apple.com/kb/HT5717

      Q: Could a Trojan horse Java application PWN my Mac?

      A: My understanding is yes, temporarily, but so far there aren’t any.

      Apple’s Gatekeeper system, built into OS X 10.7 on up, was designed specifically to keep such Trojans out of OS X. However, there has been a raft of developer ID based security certificates stolen over the past year. Therefore, it is possible such a Trojan, with a faked security certificate, could appear in the wild for a brief time. Once discovered, Apple can immediately revoke the faked certificate and stop the Trojan dead. Therefore, the window of opportunity for such a Trojan would be very small. I doubt any Rattus malwaricus would bother. But we shall see.

      My guess is that Apple will be upgrading its System installation of Java to version 7u25 or better in the near future. (I don’t have my beta copy of 10.9 beta handy today, so I can’t tell you if Apple has already upgraded it or not. I’m not supposed to divulge that yet in any case!) If that occurs, then it would be up to Java application writers to update their software to be Java 7 compatible.

    1. Java arrived with A LOT of promise.

      1) At the time, there was no official scripting for the Internet, no Netscape LiveScript (later stupidly named ‘JavaScript’). Therefore, having Java working over the Internet was seen as incredible functionality that HTML and other Internet protocols could NOT attain.

      2) Java was supposed to be 100% safe, NEVER ABLE to touch a client’s file system, entirely sandboxed.

      3) Java was supposed to SOLVE all the bad memory management that is inherent in C programming (unless you’re a frickin’ genius), preventing the buffer overruns used in malware attacks.

      4) Java was supposed to allow ‘write once, use anywhere’.

      ALL of that turned into pumpkins for various reasons. JavaScript arrived and via nefarious means expanded into what is now ECMAScript. Then Oracle bought Sun Microsystems and literally DESTROYED Java’s sandboxing mainly because they’re idiots, thus the worst security problems with Java at the present time. Then add on top the fact that Java’s ‘improved’ memory management turned out to be largely nonsense. Oh and the ‘write once’ turned out to be a nightmare of glitches.

      And I could go on and on with other problems in Java.

      Therefore, the Fairy Godmother of the Internet really screwed up with Java, on the Internet most specifically.

      I personally wish for a thorough overhaul of Java into ‘Java Version 2.0’ that actually works. I also wish Java would be allowed to become 100% open source. Neither of these wishes will be granted. Very sad.
