Login/Register
Disabled Java warning appearance & affect on Java Web Start apps
Asked Answered
Solved javasecuritydeploymentappletjava-web-start
P

1

1

Recently security vulnerabilities were discovered in the Java Plug-In1. As a protection for the end user, Java in most browsers was disabled promptly. What do the 'Java disabled' warnings look like?

Does the blocking of applets also affect Java Web Start apps. (they are launched from a link in a web page) aimed at desktop use?

  1. Security vulnerability in the Oracle Java Plug-In. For more details see:
Petepetechia answered 23/1, 2013 at 19:24 Comment(2)
I didn't downvote this question it's very vague.Chignon
@BuhakeSindi Perhaps the down-voters should realize the question is part of a Q&A. The A is below & 'a picture paints a thousand words'. ;) It was posted to correct some misconceptions that surfaced on another thread at SO. +1 for not down-voting. :)Petepetechia
P
4

What do the 'Java disabled' warnings look like?

This is how Oracle's test Java page appears now. It is an embedded applet.

FireFox

FireFox - Security Vulnerabilities

Chrome

Message in yellow bar at top of browser:

Java(TM) was blocked because it is out of date. Update plug-in... Run this time - learn more x

Shown in place of applet, and on right click produces menu..

Chrome - Java is out of date

Note re version 1.7.0_11

Java version 1.7.0_11 that fixes the bug, mentioned in the last link in the question, does not enable the browsers again. Those warnings above were seen despite that this info. can be seen after enabling the plug-in for either browser..

Latest Java Installed - Version: Java SE 7 Update 11

It might indicate that the Oracle fix for the bug is to permanently load applets in this 'prompted for every one' way. That might not be a bad thing.

Does the blocking of applets also affect JWS apps?

No it does not. Just applets (and applets embedded using JWS).

Here is how you might see a JWS app. deployed using deployJava.js which (checks for the JRE and) shows an icon like this (without prompt - if installed).

JWS launch icon

If launching (for example) the JavaFX 1.2 demo. - Powerful UI Capabilities With Node-Based Controls I see the icon for launching the JWS app. At the same (security vulnerability) time I still see that warning on the applet mentioned above.

Note that the Java FX demo. does itself have security risks/prompts for 'application components that might indicate a security concern' from 'mixing signed & unsigned code'.

Petepetechia answered 23/1, 2013 at 19:24 Comment(4)
@JewelSea. Sorry for the mistake. :( Thanks for the edit! :) If you happen to know of any Oracle based JavaFX 2 demos. with no warnings, please let me know!Petepetechia
Alas, there are none Andrew.Aviv
It's worth noting that the "plugin has security vulnerabilities" image is generated by FireFox's click-to-run technology and is not specific to Java. The image can be displayed even though Java is enabled via the Java Control Panel. Currently FireFox shows the click-to-run image for all Java applets on a Java 7 installation (which they have been doing after CVE-2013-0422).Aviv
@Aviv Thanks for the extra details.Petepetechia

© 2022 - 2024 — McMap. All rights reserved.