Printed from http://www.electronista.com

Apple adds site-specific controls to Java, updates Safari

updated 07:45 pm EDT, Tue April 16, 2013

Restores more user control to Java web plug-in

Apple on Tuesday updated both Java and its web browser Safari for users of OS X 10.6.8 (Snow Leopard) and higher. The updates now allow users to enable the Java web plug-in on a site-by-site basis, as opposed to the "active" or "inactive" options it had previously. Following a spate of serious issues, Apple forcibly disabled the Java plug-in because of malicious, in-use threats -- though users could reactivate Java once they updated.

Safari has now been updated to version 6.0.4 for OS X Lion and Mountain Lion (10.7.x and 10.8.x, respectively), and version 5.1.7 for Snow Leopard (10.6.8). The only listed change in the 6.x version is the ability of the browser to ask the user if they would like the Java plug-in activated for a particular site, having detected the use of Java on that page.

The intention is to make it easier for users to quickly add trusted sites that employ Java to the "whitelist" while keeping the plug-in inactive on unfamiliar or untrusted sites. Users can also manage settings, choosing to always allow Java on some sites and always block it on others, or ask on each occasion or allow on a one-time basis.

While Java has seen greatly-declining use on many web pages -- in part due to its ongoing security issues -- it is still required for some applets and other users on a variety of sites. For example, a casual game-player might want to keep Java "always on" when visiting a game site like pogo.com, but off for most other sites where Java isn't mandatory for the site's functionality. Safari will now show a "blocked plug-in" message where a Java element is present but not active, and should a serious security issue emerge in the present version Apple would likely disable the plug-in again until users updated to a patched version.

The Snow Leopard version of the latest Safari takes the opportunity to includes some addition updates and fixes. Version 5.1.7 improves performance when the system is low on memory, automatically disables versions of Adobe Flash that aren't up-to-date for security reasons (though it provides the option for users to download the latest version for their system), and fixes a pair of other bugs. One of the issues could prevent webpages from responding to the pinch-to-zoom gesture on trackpads or Magic Mouse devices, while the other affected some websites that used forms to authenticate users.

In addition, Apple has updated Java for system on 10.6.8 and later. For Snow Leopard, the update is called Java for Mac OS X 10.6 Update 15, and upgrades Java SE 6 to version 1.6.0_45 as well as enabling site-by-site control of the plug-in in connection. For Lion and Mountain Lion, the update is referred to as Java for OS X 2013-003 and again updates any installations of Java SE 6 to version 1.6.0_45.

On systems that haven't already installed Java for OS X 2012-006, the update will disable the Java SE 6 web plug-in completely (users will still have the option to update to the latest version of Java SE 7, or install the 2012-006 update). Java applets outside of web browsers will continue to function normally. Lion and Mountain Lion users can also install Java SE 7 directly from Oracle's website in order to run the most recent version of Java, which has already been updated to deal with the previous security threats. Apple does not post updates to Java SE 7, having relinquished responsibility for it to Oracle with the release of Lion.




By Electronista Staff
toggle

Comments

  1. hayesk

    Professional Poster

    Joined: 09-17-99

    Smart

    This is a great feature. There are many institutions which require java clients for access to their systems.

  1. Flying Meat

    Dedicated MacNNer

    Joined: 01-25-07

    It appears to fix a bug

    in Java applets, where a text field is drawn on screen, but the actual active entry point is around half an inch higher, or it doesn't accept input at all.
    The previous workaround was to move the applet window, or to command+tab to another application and back again.

    No longer an issue!

    Be aware that the disabling of a known vulnerable version of a Java component is still a possibility. This won't assure uninterrupted use of a significantly vulnerable Java component.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Life n Soul 8 Driver Bluetooth headphones

When it comes to music on the go, consumers generally have some options to consider when looking for the best experience. While Blueto ...

Tesoro Tizona G2N Elite gaming keyboard

The market for gaming keyboards is getting crowded, starting off with some fairly simple keyboards and diverging into the land of modu ...

GX Gaming DeathTaker mouse

Gaming is a serious endeavor for many people, driving them to look for the best performance in their system and interface devices. Fro ...

Sponsor

toggle

Most Commented

 
toggle

Popular News