The uncertainty around Java shows no sign of abating as Apple blocks all versions of Java on OS 10.6 and above through its anti-malware feature, XProtect.
Apple’s action follows Mozilla’s blocking of Java in all but name as the maker of Firefox moved to end auto-loading of plug-ins for the browser.
The issue is becoming troublesome for Oracle as it seeks to reassure users that Java is safe. It has already released a series of fixes. However the company is now keen to get the message across to Java users that it takes the problem seriously.
“The plan for Java security is really simple: it’s to get Java fixed up, number one, and then, number two, to communicate our efforts widely. No amount of talking or smoothing over is going to make anybody happy or do anything for us — we have to fix Java, and we have been doing that.” Oracle security lead Milton Smith recently told a conference call with Java user group leaders.
Author Rob Waugh, We Live Security