Apple has blocked Java on Macs for the second time this month. The decision was made when it was discovered that the newest version of the Java web plugin contained critical vulnerabilities.
Earlier this month Apple had to block Java for the same reason. The previous version of Java’s web plugin was replaced with a new version that promised to patch the previous vulnerability. Unfortunately it was discovered that despite new security mechanisms, the newer version is still exploitable.
As reported by ars technica, Apple has used a security control, included in OS X, to block plugins that display vulnerability:
“Apple can update its Xprotect list to specify which version is acceptable. Earlier versions of plugins are then blocked from running within Safari. Apple has used the Xprotect minimum version mechanism to effectively block the Java Web plugin by specifying a future version number that hasn’t been released.”
As reported by USA Today, certain individuals and businesses rely on Java applications. The Associated Press ran into some issues today when they realized they were unable to access photos. AP spokesman Paul Colford explains how they were affected by the block:
“The situation caught us by surprise and a number of our machines could not operate for a time, but we had enough capability to work around the problem in the meantime. We expect the affected machines to be operating by day’s end.”
Users who need Java applets for certain functions are encouraged to instead use Chrome of Firefox browsers. While Chrome and Mozilla are working toward blocking plugins with security flaws, they seem to be running Java plugins at this time.
Apple will continue to block Java from Macs until the security issues have been completely resolved by Oracle, which owns Java.