Headline: Oracle Java 7 plug-in blocked by Safari in the wake of a zero-day exploit

Headline: Oracle Java 7 plug-in blocked by Safari in the wake of a zero-day exploit

Apple has blocked Safari on Macs from running Oracle’s Java 7

in the wake of a zero-day exploit for Java:

New Year Java Zero-Day Attacks Under Way

To verify this on your own machine:

1. Open Safari on a 10.7.x or 10.8.x Mac

2. Go to http://www.java.com/en/download/testjava.jsp to test your Java browser plug-in.

Instead of a report that Java is working, you’ll receive a Blocked Plug-In message.

screen-shot-2013-01-11-at-9-39-41-am

I’ve verified that 10.5.x and 10.6.x Macs do not appear to be affected by this, as they are not running Java 7.

Oracle has not yet released an updated Java 7 installer, so there’s nothing currently available to fix this issue. The latest Java installer for OS X was released in November 2012 and contains the vulnerability.

The best workaround at this time is to use Firefox. I tested with Firefox 18 and Firefox is not blocking the Java plug-in at this time.

Chrome will not work as an alternate browser, as Oracle’s Java 7 browser plug-in only works with 64-bit applications. Firefox and Safari are both 64-bit, but Google Chrome is a 32-bit application.

If the Java application you need to run does not require Java 7, you can also re-enable the Apple Java 6 browser plug-in. You can do this using the procedure.



VPN: L2TP Server installation and config

VPN: L2TP Server installation and config

VPN: PPTP Server installation and config

VPN: PPTP Server installation and config