Subscribe to RSS

Apple Once Again Blocks Java 7 Web Plug-in!

Earlier this month, Apple took the unusual step of remotely blocking Oracle's Java 7 browser plug-in due to a major security vulnerability, using the "Xprotect" anti-malware system built into OS X to enforce a minimum version number that had yet to be released. Within days, Oracle updated Java to address the issue, with the new version number making the Java plug-in usable on OS X systems once more. 

As noted by French site MacGeneration [Google translation] and the Apple discussion forums, Apple has once again blocked the Java 7 plug-in using Xprotect. 

The updated blacklist enforces a minimum Java plug-in version of 1.7.0_11-b22, while the latest version of the plug-in is 1.7.0_11-b21. 

The exact reason for Apple's renewed block on the Java plug-in is unknown although reports immediately following the release of Update 11 earlier this month indicated that it fixed only one of the two bugs that contributed to the security vulnerability. In the wake of that news, cybersecurity officials recommended that most users disable Java even with the up-to-date plug-in installed.

 

Oracle Security Alert CVE-2013-0422 states that Java 7 Update 11 addresses this (CVE-2013-0422) and an equally severe, but distinct vulnerability (CVE-2012-3174). Immunity has indicated that only the reflection vulnerability has been fixed and that the JMX MBean vulnerability remains. Java 7u11 sets the default Java security settings to "High" so that users will be prompted before running unsigned or self-signed Java applets. 

Unless it is absolutely necessary to run Java in web browsers, disable it as described below, even after updating to 7u11. This will help mitigate other Java vulnerabilities that may be discovered in the future.

If this continued issue is indeed the reason for the new block by Apple, it is unclear why the company waited several weeks to update its plug-in blacklist.

0 comments

Add your comment

Nickname:
E-mail:
Website:
Comment:

*

Other articlesgo to homepage

Samsung to Assist with Production of Apple’s Next-Generation A8 Chip!

Samsung to Assist with Production of Apple’s Next-Generation A8 Chip!(0)

Back in June, Taiwan Semiconductor Manufacturing Company (TSMC) struck a three-year deal with Apple to produce A-series chips for iOS devices beginning in 2014. The move was seen as part of Apple's strategy of moving away from rival Samsung for component supplies, although Samsung was soon after reported to have landed its own deal to once again produce chips

Apple Tops Coca-Cola, Google to Become World’s Most Valuable Brand!!

Apple Tops Coca-Cola, Google to Become World’s Most Valuable Brand!!(0)

According to a report from identity and brand consulting company Interbrand, Apple has overtaken Coca-Cola as the new most valuable brand in the world, knocking the beverage corporation from its 13-year tenure in the annual “Best Global Brands” survey, reports The New York Times. Every so often, a company changes our lives, not just with its products, but also

iPhone 5 ‘by far the most popular iPhone,’ Apple says!

iPhone 5 ‘by far the most popular iPhone,’ Apple says!(0)

Though executives with Apple said they are pleased by sales of the legacy iPhone 4 and iPhone 4S, they also noted that the iPhone 5 remains "by far the most popular iPhone" they sell. The comments come as Apple has seen its gross margins slide, leading to speculation that previous-generation iPhone models are growing in

Apple and Amazon Settle ‘App Store’ Dispute

Apple and Amazon Settle ‘App Store’ Dispute(0)

The long dispute between Apple and Amazon over the term "App Store" has come to an end, with Apple agreeing to end the lawsuit with promises from Amazon not to countersue, reports Reuters. "We no longer see a need to pursue our case," Apple spokeswoman Kristin Huguet said. "With more than 900,000 apps and 50 billion downloads, customers

Woman dies using a charging iPhone 5, Apple vows to aid in investigation!

Woman dies using a charging iPhone 5, Apple vows to aid in investigation!(0)

Apple has said it will aid in the investigation of the death of a Chinese woman who was allegedly electrocuted when she answered a charging iPhone 5. In an e-mail sent to Reuters, Apple said the company is "deeply saddened" by the "tragic incident" that killed 23-year-old Xinjiang woman Ma Ailun. Apple vowed to "fully investigate and

read more

Special

Contacts and information

Social networks

Most popular categories

© 2013 Appleffect theme by Appleffect News All rights reserved.