Monday, January 14, 2013

Java 7u11 Is Out And Inadequate

[Updated 2012-01-28]

Oracle rushed out Java 1.7 update 11 over the weekend.

1) It still has well known, published, publicly acknowledged security holes. IOW: It's still entirely dangerous. Don't use Java unless you have to. Meanwhile:

Just Turn Java Off.

2) Apple's quick response (despite the nasty bug when DIY running XProtect Updater) was EXCELLENT. I applaud Apple for speed and efficiency. This is Apple on-their-toes and I like it!

3) That stupid, moronic Java 'Control Panel' bug that my 11 year old nephew could solve, whereby the 'Enabled' checkbox is ON forever, no matter what, continues. I hate you Oracle, you blithering idiots:

4) --> UPDATE NOTE from 2013-01-28:
It has been found that the "Very High" Security Level setting is INEFFECTIVE! It does NOT block malware. Consider it USELESS! Read ahead to my article:

Just Turn Java Off: 'Very High' Security Setting NOT EFFECTIVE!

 Therefore, here is how you effectively turn OFF Java in its 'Control Panel' until you have already navigated to a website you know is safe for running Java:

Set it and leave it on the 'Very High' Security Level. There is no excuse for setting it on anything else unless you know you're on a safe site. Then before you leave that site, turn it back up to 'Very High'. I can't stress this enough. 'Very High'. No, not me! The Java Security Level!


With the help of my Mac security friend Sean O'Connell, I'll be providing some further safety settings for the 'Advanced' tab later.

Just Turn Java Off. 
It's that bad.



  1. It looks as though (in the panel under #4 above) you //can// turn off Java in the browsers. That check will uncheck for me.

  2. I believe you mean the 'Enabled' checkbox under #3 above. If you have that working, EXCELLENT! I am off to verify on 10.7.5 and 10.8.2 and will comment my results. I had tried it out on 10.8.3 beta this morning and it FAILed. But it may be working on non-beta OS X. So thank you!