Earlier this year Oracle ORCL 50,93 +0,31 +0,61% announced starting with JDK 9 (eta September 2016), they will remove the plugin support. They are encouraging developers to move towards the plugin free Java Web Start technology. Oracle’s reasoning for this move has to do with more and more browsers removing support the 20+ year old Netscape Plugin Application Programming Interface (NPAPI) plugin technology. GoogleGoogle Inc. 928,45 -8,89 -0,95% Chrome no longer supports NPAPI plugins such as Java and Silverlight. Google has partnered with Adobe ADBE 154,28 -0,78 -0,50% to include an integrated version of Flash within Chrome. The Windows 64-Bit version of Firefox also does…
Java
Read More
Mozilla is moving right along with getting Firefox 41 ready to ship for the September 22nd release. Having had a chance to play with the current Beta version of Firefox 41, here are THREE major changes users should be aware of to avoid headaches upon updating/downloading: New ‘New Tab’ behavior. Gone are the days users could set their preference as to what comes up when they open a new tab via the browser.newtab.url preference in about:config. Nope, that was being ‘exploited’ so Mozilla removed this functionality that has been in Firefox since Firefox 13 (June 2012). There is a simple solution, Custom New…
I understand what Mozilla is doing with in the Win64 Firefox in regards to only allowing the Flash NPAPI plugin. It starts to make sense if you look at the browser ‘market’ as a whole. Microsoft’s new Edge browser (Windows 10) does not support SilverLight and Java and neither does/will Chrome (Google plans to phase out NPAPI plugins by end of 2015). All of these browsers including the Win64 Firefox do support Flash. Also, remember Flash is integrated (no plugin) into Chrome as Google bribed paid Adobe to build a custom version of Flash directly into Chrome. It is almost painful…
Javaun Moradi announced earlier in bug 1181014 (this was the bug about how to ‘market’ the Win64 builds on Mozilla.org): Folks, we’ve decided not to release win64 builds in Fx40. We have many improvements coming in 41 — sandboxing and NPAPI whitelisting, and possibly some other fixes — and it makes sense to hold. I as much as anyone want to see 64 launch, but given the enthusiasm, it’s better to wait for a product that has safety and polish 41 will bring. He also commented in bug 1180792 (enabling Win64 builds on release channel): Our original plan was a quiet soft-launch in 40,…
There is an email going around claiming to be from Oracle (the makers of Java) that contains a link and/or attachment to download a Java update. Clicking the link or opening the attachment can result in malware being installed on your system. If you get one of these emails, discard it, it is not real. Bottom line, Oracle is not sending out emails to let Java users know there is an update. If you are not sure you have the most recent version of Java, you can go to Oracle’s site and check. via eweek
Normally, I don’t re-post from my Firefox Blog, but these browsers plugin vulnerabilities affect other browsers (such as Chrome & Safari) besides Firefox. Dangerous vulnerability in latest Java version Version: Java 7 Update 10 Issue: Can be used for Cyber attacks (even on fully patched Windows machines) Recommend Action: Browser plugin should be disabled or sandboxed (see Work Around below)) Work Around: For those who MUST have Java, use Firefox 17 is or newer. The Java plugin will be installed but ‘sandboxed’. The plugin will not execute/run until the user gives permission ‘click to play‘ on a per site basis. The user will…
Java Release 7 Update 11 (released January 13, 2013) fixes this issue. More info here. In response to the recent news about the major vulnerability found in Java 7 Update 10, Mozilla has enabled click to play for recent versions of Java on all platforms (Java 7u9, 7u10, 6u37, 6u38). This is being done automatically for users who are using Firefox 17 or newer. The Click To Play feature ensures that the Java plugin will not load unless a user specifically clicks to enable the plugin. This protects users against drive-by exploitation, one of the most common exploit techniques used to compromise vulnerable users….
Java Release 7 Update 11 (released January 13, 2013) fixes this issue. More info here. ” The latest Java version, Java 7 Update 10 contains a critical security vulnerability which is reportedly already being used for large scale cyberattacks. Users who have Java installed on their computers should deactivate the Java plugin in their browsers without delay. …” Source: The H Security: News and Features More Dangerous vulnerability in latest Java version
Windows “JavaRa is a sweet little program that allows you to manage Java on your PC. It comes with functionality to uninstall old Java versions, update the Java Runtime Environment (JRE) to the latest version, install the latest version of Java, and perform a number of other features related to Oracle’s Java technology.“JavaRa 2.0 has just been released by its author, … “ Source: Ghacks.net JavaRa 2.0: manage Java on your PC Go get it.
I have come to the realization now, that I should except any software I download and install to try and sneak bloatware or Malware on to my system. This can be in the form of a browser toolbar or some type of ‘security software’ or Windows optimizer. Avast! has their WebRep extension that is installed into all the browsers on your system. This is suppose to tell you how reputable a site is when you are doing a Google search. Java is partnering now with McCrappy McAfee. Waterfox now serves up a bunch of stuff from AVG unless you go hunting around the custom install…