Mac – OSX /Web Browser – Plugins – Malware Drive-by

Mac OS X – Web Browser – Plugins

Another day, more web browser plugins security holes.

Earlier today, Apple reported that at least for now, it is blocking Java Plugings at the OS level.  So irrespective of the browser (Safari, Chrome, Firefox) Java Applets are no longer viable if your box is an Apple.

More can be read:

Apple Blocks Java on Macs due to vulnerabilities
http://www.nbcnews.com/technology/technolog/firefox-set-block-almost-all-web-browser-plug-ins-1B8182468

Which brings it to a couple of important questions:

Which OSes/Browsers actually support Java Applets?

One of the areas you can start is to determine the bitness of your Application.  Is it 32 or 64-bit?

To do so, I will suggest you use “Application Monitor”.

Activity Monitor displays the bitness of each Application running via its “Kind” column.

Activity Monitor

In the screen short above, it is obvious that Firefox and Safari are 64-bit apps and Google Chrome is 32-bit.

Once you have this information, feel free to sojourn to Java’s web site.  And, read up on Java support for your OS/Browser:

Google Chrome

How do I use Java with the Google Chrome browser?
http://java.com/en/download/faq/chrome.xml

Java 7 and Chrome on Mac OS X

Chrome does not support Java 7 on the Mac platform.
A 64-bit browser (Safari or Firefox, for example) is required to run Java 7 on Mac OS X. 32-bit browsers such as Chrome do not support Java 7 on the Mac platform.

Firefox

http://support.mozilla.org/en-US/kb/use-java-plugin-to-view-interactive-content

Important: Firefox has stopped the Java plugin from running automatically because it has a security issue. However, you can still use Java on trusted sites if necessary.

In essence, going forward you will have to opt in to be able to use Java.  There are a couple of levels of opting-in.

Based on “How to use Java if it’s been blocked”:
http://support.mozilla.org/en-US/kb/how-to-use-java-if-its-been-blocked 

The options are:

  • Allow Java Applet engine for each iteration
  • Allow Java Applet engine for the site; once and for all

Safari

As of yet, there are no specific Java Advisories at the browsers’ level (directed at Safari).  Outside of the ability to enable/disable Java at the browser level.

Note that unlike Firefox, this enablement / disablement is not targeted at individual sites.

The steps are documented:

How to disable the Java web plug-in in Safari
https://support.apple.com/kb/HT5241

Is your Browser configured to run Java Applets:

To gauge whether your browser is configured to run Java Applets, try the following options:

References:

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s