Apple Blocks Vulnerable Java 7 Plug-in

By Friday, January 11, 2013 0 , , Permalink 0

The recently discovered Java 0-day has received quite a lot of attention and Department of Homeland Security, US has issued a public warning on its website asking users to disable or uninstall Java immediately as a preventive measure.

There is no patch available as of this writing following which software biggies like Mozilla have also started taking steps of their own to protect their users by updating its Firefox add-on list and blocking latest Java versions.

Apple, through an update to its antimalware protection system has blocked all Java plug-ins other than On examining the ‘XProtect.meta.plist‘ file located at ‘/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/‘ one can observe that the blacklist specifies or higher as the minimum requirement for Java indicating that the version is blocked automatically.

Users will receive a blocked plug-in message on their Safari browsers on Mac version 10.7.x and 10.8.x.

[Update: 01/02/2013] Apple has blocked Java on Mac again.