14 DAY TRIAL // Just days after releasing new Java updates to the public, Apple has issued a memo on its Support site acknowledging that the company had been forced to block Java in OS X yet again because of security concerns.
The memo on Apple’s Support area states, “To help protect users from a recent vulnerability, Apple has updated the web plug-in-blocking mechanism to disable older versions of the web plug-in: Java.”
Apple also tells customers what they can do to help limit exposure to potential Java web app vulnerabilities, such as “enable Java in your web browser only when you need to run a Java web app.”
Users can also confine their most used web browser only to the websites that need the Java web app, with Apple instructing customers not to open any other sites while the plug-in is enabled.
“When you are done, disable the Java web plug-in,” reads Apple’s final piece of advice. To disable the Java web plug-in in Safari, users can follow these simple steps, according to the Cupertino giant.
1. In Safari, choose Safari > Preferences or press Command-comma (⌘-,) 2. Click "Security". 3. Uncheck (deselect) "Enable Java". 4. Close the Safari preferences window.
When you need to re-enable Java in Safari, simply follow the same instructions again and check the “Enable Java” box.
Earlier this week, Apple rolled out new Java updates for OS X users highlighting dozens of vulnerabilities patched recently by Oracle.
As it is always the case with the Java platform, the next day new bugs had already been found.
Apple uses the Xprotect mechanism to automatically send instructions to Internet-connected OS X computers to block Java when such vulnerabilities are found.
Oracle will now have to code up yet another new batch of Java updates for OS X users.