For the second time in a month, Apple Inc Thursday blocked the current version Java web plugin on Macs computers. The decision was made when the company discovered that the newest version of the Java web plug-in contained critical security threat.
Computers have stopped running programs written using the Java programming language after Apple blocked it.
Earlier in January, Apple blocked Java for the same reason and then unblocked by replacing the previous version Java plugin with a new version (JRE version 1.7.0_11-b21) that promised to patch the chronic security problem. Unfortunately, it was discovered that despite the new security methods, the newer version is still vulnerable.
According to a post by ars technica, Apple has used a security control, included in OS X, to block plugins that display vulnerability:
"Apple can update its Xprotect list to specify which version is acceptable. Earlier versions of plugins are then blocked from running within Safari. Apple has used the Xprotect minimum version mechanism to effectively block the Java Web plugin by specifying a future version number that hasn't been released."
Apple sends out virtual blacklists to Internet-connected Macs, instructing not to run certain programs. The company is blocking the latest version of Java from Macs which are running on the most recent version of operating system (OS X 10.6 aka Snow Leopard) and above, and also blocking older version Java 6 on Macs running older version operating system. The block affects those programs and online games that use Java in web browsers.
The U.S. Department of Homeland Security recommends disabling Java in Web browsers because it has provided pathways for hackers to take control of computers that visit a website rigged with malicious software. Oracle Corp., which owns Java, has issued updates that fix known vulnerabilities, but the DHS expects that there are more.
Oracle had no immediate comment on Apple's action.
To contact the editor, e-mail: