Help

JAVA 7/8 Questions in Safari and Chrome

roethelbc
New Contributor III

Posted on ‎07-22-2015 10:50 AM

Not really JAMF related but I thought I would ask. We are a BANNER user campus which at this point is mandating JAVA 7u75 as we have not been able to get it to work on JAVA8u51. Chrome and Safari have allowed us to run outdated versions of JAVA but now block it and say we HAVE to update it. Has anyone else noticed this new behavior from these two browsers? I am trying to get an idea if Google and Apple have cut ties with JAVA 7, which means we have a bigger problem in my neck of the woods. Thanks for any input.

0 Kudos
Reply
2 REPLIES 2

rtrouton
Release Candidate Programs Tester

Posted on ‎07-22-2015 11:04 AM

I'm not sure about Google, but Safari takes its plug-in blocking cues from XProtect:

https://en.wikipedia.org/wiki/File_Quarantine

Up until mid-July, XProtect was allowing Java 7 Update 25 and later to run in Safari. In the wake of Java 7 reaching End-Of-Life status in April and new Java vulnerabilities showing up, Apple updated XProtect's block list to set Java 8 Update 51 as the minimum allowed version:

https://twitter.com/rtrouton/status/621530293938171906

For situations like yours, where an older Java version is needed, I have a script that manages XProtect’s ability to disable the Java browser plug-in by modifying the Java browser plug-in settings in the plist which XProtect is referencing:

https://derflounder.wordpress.com/2013/02/24/managing-java-browser-plug-in-settings-for-apples-xprot...

I've tested this script on Mac OS X 10.6.8 - 10.10.4. XProtect updates this plist on a regular basis, so I recommend also running the management script regularly.

0 Kudos
Reply

bvrooman
Valued Contributor

Posted on ‎07-22-2015 11:07 AM

It's not a matter of Apple or Google "cutting ties" with anything – Oracle has stopped issuing updates without an expensive support contract, and Java 7 is now end-of-life. It won't be receiving new security updates to fix the vulnerabilities that are present in 7u75, which is why a number of browsers are requiring upgrades to a supported, non-vulnerable (or at least not-known-to-be-vulnerable) version of Java.

https://www.java.com/en/download/faq/java_7.xml

For situations where you must run older versions, @rtrouton's solution is probably the way to go.

0 Kudos
Reply