British Flag
British Apple Users Info & Support
LOGIN
The next event is:
Internet Retailing Conference 2016

On 12 October 2016
More events…

macOS 10.12 Sierra
FREE
Amazon UK Digital Mac Software Affiliate Link Discounted Shopping via QuidCo
Maclocks.com Love It-Lock It
Click here for award winning web hosting

Java (Security) For Mac OS X

Article ID = 3
Article Title = Java (Security) For Mac OS X
Article Author(s) = Graham Needham (BH)
Article Created On = 30th March 2011
Article Last Updated = 8th September 2016
Article URL = http://www.macstrategy.com/article.php?3

Article Brief Description:
Java For Mac OS X information, download/update links and security settings with instructions for disabling Java (plug-ins).

Java for Mac OS X

Java is a programming language that allows application/software to run on different operating systems (e.g. Mac OS X, Windows, Linux, Solaris) as long as a Java Runtime Environment (RE) is installed on the target operating system. Java can also be found on web sites where "applet" code downloaded from the web site server will run locally on your computer via a web browser plug-in. There are different installations of Java depending on your usage requirement e.g. general user, developer, etc. The most common installation is the Standard Edition (SE) which is for general users.
NOTE:
  • Because Java runs applications in the OS and in web browsers it is a common attack vector for malware and viruses.
  • Java should not be confused with JavaScript which is a completely separate/different scripting language used on web sites/the internet.
  • Java is now owned and maintained by Oracle.
  • As of the 4th March 2015 (Java 8 Update 40) Oracle is now bundling adware with their Java installer.
In the past (Java RE v6 and earlier) Apple used to get the Java code from Oracle and write a Java Runtime Environment (RE) for Mac OS X themselves but as of 15th October 2013 this is no longer the case. Java on a Mac consists of two primary software components:
  1. An internet plug-in used to run Java "applets" via the internet in a web browser e.g. some banking web sites.
  2. A "Runtime Environment" (RE) that also allows you to run Java "applications" directly within the operating system.
Java RE versions supported by Mac OS X
  • macOS 10.12 - Java RE v8
  • OS X 10.7 to 10.11 - Java RE v8, v7 or v6
  • Mac OS X 10.6 - Java RE v6
  • Mac OS X 10.5 or earlier - Java RE v5
  • Java v8 is currently supported and updated with security updates
  • Java v7 was end of life January 2015 and will no longer be updated after April 2015
  • Java v6 was end of life February 2013 and no more updates were issued as of 15th October 2013
  • Java v5 is no longer updated
Q. Which version of Java do you recommend?
A. If you don't need Java don't install it. If Java is installed we now highly recommend installing Java RE v8 from Oracle as Apple phased out Java RE v6 support in October 2012 and Oracle phased out Java RE v7 support in January 2015. So if you are running:
  • Mac OS X 10.6 or earlier = don't use Java and disable it.
  • OS X 10.7 to mac OS 10.12 = (if you require Java) install Java RE v8 from Oracle.
Q. How can I tell which version of macOS / OS X / Mac OS X I am running?
A. Go to Apple menu (top left) > About This Mac > check the version reported for macOS / OS X / Mac OS X.
Q. How can I tell if a Java RE is installed on my Macintosh?
A. Follow these steps:
  1. Go to Apple menu > System Preferences > Java (if a Java Preference pane exists you have Java RE v7 or later installed - you can get information on the version installed by going to the General tab and clicking "About…")
  2. If you do not have a Java Preference pane go to Macintosh HD > Applications > Utilities > Terminal
  3. Enter the following commmand:
  4. sudo /usr/libexec/java_home
  5. Enter your computer's administrator password
  6. NOTE: This Terminal command will report any versions of Java RE v6 or earlier that are installed on your computer. If none are listed you do not have Java installed.
Q. How do I keep Java RE v6 up to date on OS X (if it is installed)?
A. The last update produced by Apple is Java RE v6 v1.6.0_65 (available for OS X 10.7 to 10.11 as Java for OS X 2015-001. Java RE v6 is no longer supported - if you have Mac OS X 10.6 or earlier disable Java. If you have OS X 10.7 or later = install Java RE v8 from Oracle.
Q. How do I keep Java RE v8 up to date on OS X (if it is installed)?
Q. I have Java RE v7. How do I update it to v8?
A. Go to Apple menu > System Preferences > Java > Update tab and tick "Check for Updates Automatically".
See also this How do I update Java for my Mac? article from Oracle.
As of the 20th January 2015 Java auto-update will update Java RE v7 to v8.
Q. Now that Oracle have released Java RE v8 is v7 end of life/insecure?
Q. Which versions of Java are no longer supported/insecure?
A. Oracle provides a Java SE Support Roadmap. You can check the dates that Java RE versions become end of life/no longer supported/insecure but basically:
  • Java v8 is currently supported and updated with security updates
  • Java v7 was end of life January 2015 and will no longer be updated after April 2015
  • Java v6 was end of life February 2013 and no more updates were issued as of 15th October 2013
  • Java v5 is no longer updated
Q. I need Java and I've installed Java RE v7/v8 but my Java software specifically needs RE v6. Is there anything I can do?
A. Yes, you can downgrade v7/v8 to v6 by following the instructions in this Apple support document to disable Java RE v7 and re-enable Java RE v6 (but note that Java RE v6 is no longer supported for security updates so only do this if you absolutely must for Java compatibility).

Java Notes

  • For security reasons users of Mac OS X 10.6 with Apple's Java Update 9 or later will find that the Java plug-in deactivates automatically when no applets are run for an extended period of time. Java applets can be re-enabled by clicking the region labeled "Inactive plug-in" on a web page but as Java RE v6 is no longer supported or security updates you should only do this if absolutely required.
  • For security reasons users of OS X 10.7 or later with Apple's latest Java update installed (Java Update 2014-001) will find this update uninstalls the Apple-provided Java applet plug-in from all web browsers. To use applets on a web page, click on the region labeled "Missing plug-in" to download the latest version of the Java applet plug-in from Oracle. This update also removes the Java Preferences application (from Applications > Utilities), which is no longer required to configure applet settings.
  • OS X 10.7 or later support Java RE v6 and v7 but both are now end of life so you should install the latest v8 from Oracle.
  • Java was included as standard with Mac OS X 10.6 or earlier - it cannot easily be removed but it can be disabled.
  • A Java RE is not included as standard with OS X 10.7 or later but it does include a Java plug-in (so you are recommended to disable this plug-in if you don't use Java on the internet). A Java RE can be automatically installed by OS X (permission will be asked first - it is not a silent install) if you try to run any Java software on your computer (this automatic install is currently Java RE v6 from Apple but this is end of life so ultimately you should really install v8 manually from Oracle (if you require Java). In fact, Apple's Java Update 2012-006 or later now actively pushes you to install Java RE v8 from Oracle anyway.
  • Java RE v6 is required for some old software applications such as Adobe Creative Suite.
  • If you upgrade the OS X operating system Java RE v6 is removed and needs to be reinstalled.

Java Links

Java Security for Mac Users > How To Disable/Secure Java

Java RE v6 and earlier are end of life and are no longer supported/updated. If you are running Mac OS X 10.6 or earlier you are recommended to disable Java and read up on securing older operating systems.
Q. How can I tell which version of macOS / OS X / Mac OS X I am running?
A. Go to Apple menu (top left) > About This Mac > check the version reported for macOS / OS X / Mac OS X.
Securing/Disabling Java RE in OS X 10.7 or later
  1. Go to Apple menu > System Preferences > Java > (the Java Control Panel will open separately) > Security tab
    • If the Java preference pane does not exist you do not have Java RE v7 or later installed. Go to the disabling Java RE v6 instructions below.
    • If you have a Java preference pane and the Java Control Panel opens separately go to the "Security" tab in the control panel. If there is no Security tab you have an old version of Java RE v7 installed - update Java RE v7 first, then come back to these instructions.
  2. Set the 'Security Level' slider to "Very High".
  3. If you don't use Java untick "Enable Java content in the Browser".
  4. If you do use Java click "Advanced Security Settings" and configure as required for your Java usage.
  5. Now go to the 'Update' tab and tick "Check for Updates Automatically".
  6. Now go to the 'General' tab, click "Settings…" under 'Temporary Internet Files' and untick "Keep temporary files on my computer" and click "Delete Files…". Click "OK".
  7. You are now also recommended to switch off Java in your web browsers.
Disabling Java RE v6 in OS X 10.7 or later
  1. Go to Macintosh HD > Applications > Utilities > Java Preferences > General tab.
  2. NOTE: If you get a message stating 'To open "Java Preferences," you need a Java SE 6 runtime. Would you like to install one now?' click "Not Now" (you do not have Java RE v6 installed - go to disabling the Java plug-in in your web browsers).
  3. Make sure no Java versions are ticked under "On".
  4. Then go to the 'Network' tab and untick "Keep temporary files for fast access" and click "Delete Files…". Click "OK".
  5. You are now also recommended to switch off Java in your web browsers.
NOTE: If you need Java and have installed Java Update 2012-006 or later from Apple you will have no Java Preferences in Applications > Utilities or a Java plug-in so you are recommended to install Java RE v7 to give you the most up to date Java RE, a Java plug-in and a Java Preferences pane in System Preferences.
Disabling Java RE v5/v6 in Mac OS X 10.5 or 10.6
NOTE: Java will not work at all including locally installed applications that may require it.
  1. Go to Macintosh HD > Applications > Utilities > Java Preferences > General tab.
  2. Make sure no Java versions are ticked under "On".
  3. Then go to the 'Network' tab and untick "Keep temporary files for fast access" and click "Delete Files…". Click "OK".
  4. You are now also recommended to switch off Java in your web browsers.
Disabling Java RE in Mac OS X 10.4 or earlier
You cannot switch off Java in Mac OS X 10.4 or earlier and there is no Java Preferences so make sure you delete any (Java plug-ins and also switch off Java in your web browsers.

Disabling the Java plug-in In Your Web Browsers

NOTE: Java applets will not work in your web browser but locally installed Java applications may still work (see disabling the Java RE for your OS).
NOTE: You need to disable the Java plug-in for each and every web browser that you use/have installed.
  • Apple Safari - open Safari > go to Safari menu > Preferences… > Security tab > untick "Enable Java"
  • Apple Safari 5.1.9 (for Mac OS X 10.6) / 6.0.4 (for OS X 10.7/10.8) or later - open Safari > go to Safari menu > Preferences… > Security tab > untick "Allow Java" or you can tick it to enable it and you now have control of the Java plug-in for individual websites by clicking the "Manage Website Settings…" button
  • Camino - open Camino > go to Camino menu > Preferences… > Security tab > untick "Enable Java" [WARNING: discontinued 31/05/2013]
  • Google Chrome - open Google Chrome > go to Google Chrome menu > Preferences… > click "+ Show Advanced Settings" > click the "Content settings" button under the 'Privacy heading' > under the 'Plug-ins' heading click "Disable individual plug-ins…" > click "Disable" for 'Java'
  • Chromium - open Chromium > go to Chromium menu > Preferences… > click "+ Show Advanced Settings" > click the "Content settings" button under the 'Privacy heading' > under the 'Plug-ins' heading click "Disable individual plug-ins…" > click "Disable" for 'Java'
  • Mozilla Firefox - open Firefox > go to Tools menu > Add-ons > click "Plugins" on the left > click "Disable" for 'Java Applet Plug-in'
  • iCab - open iCab > go to iCab menu > Preferences… > Java icon > untick "Execute Java applets"
  • Omniweb - open Omniweb > go to Omniweb menu > Preferences… > Security icon > untick "Enable Java"
  • Opera - open Opera > go to Tools menu > Advanced > Plug-Ins > click "Disable" for 'Java Applet Plug-in'
  • Seamonkey - open Seamonkey > go to Seamonkey menu > Preferences… > select "Scripts & Plugins" on the left under the 'Advanced' heading > untick "Enable Plugins for Suite"
  • Stainless - open Stainless > go to Stainless menu > Preferences… > Security tab > untick "Enable Java"
  • Sunrise - open Sunrise > go to Sunrise menu > Preferences… > untick "Enable Java" under the 'Security' heading
  • TenFourFox - Java is not supported (because plug-ins are not supported)
REMOVING THE JAVA PLUG-IN FROM YOUR OS
NOTE: Java applets will not work in your web browser and they never will until you reinstall Java. Only follow these instructions if you will never use Java on the internet. If you are unsure simply switch off Java in all your web browsers.
  1. Go to Macintosh HD > Library > Internet Plug-Ins folder and remove/delete any of following items if they are present:
    • JavaAppletPlugin.plugin (alias/shortcut)
    • JavaAppletPlugin.plugin
    • JavaPluginCocoa.bundle
  2. Go to Macintosh HD > Users > your home directory > Library > Internet Plug-Ins folder too and remove/delete any of the above items if they are present.
NOTE: If there are multiple users on your computer you should remove the plug-in from each user account's Library.
NOTE: If you have OS X 10.7 or later your user Library folder is hidden. It can be accessed by going to the Go menu > Library while holding down the alt (option) key.
Mac OS X Applications that (may) require a Java RE
  • Components of Adobe Creative Suite and individual applications e.g. Adobe Flash
  • Components of OpenOffice i.e. the Base application and the suite's wizards, accessibility and assistive technologies - see Open Office and Java
  • Angry IP Scanner
  • Brother printer administration software "BRAdmin Light.jar"
  • ClickRepair
  • CrashPlan app versions 3.6.2 and earlier (3.6.3 or later includes Java within the application)
  • Cyberduck
  • DbVisualizer
  • Emailchemy (for Mac OS X 10.6 and earlier)
  • Eudora OSE
  • FileMaker Pro Server (but not the client version)
  • GraphicConverter
  • Greenfoot
  • Jim
  • Moneydance
  • myPhoneDesktop
  • NetBeans
  • Symantec Norton Antivirus 11 - requires Java for LiveUpdate to work
  • Symantec Endpoint Protection 12
  • PDF OCR X 1.x (2.x or later includes Java within the application)
  • PDFKey Pro
  • Postbox
  • RazorSQL
  • SQLEditor
  • TiVo Transfer
  • ViewONE Standard / Pro
  • Vuze aka Azereus
  • Zumocast

Java Bundled Adware

As of the 4th March 2015 (Java 8 Update 40) Oracle is now bundling adware with their Java installer! Initially it was ask.com but currently it is Yahoo.
  • Adware is a search App/toolbar (browser extension) that gets added to your web browser by installing Java.
  • It is an optional installation but it is opt-out i.e. by default it will be installed - you have to explicitly tell the installer not to install it (see picture below).
  • Only new/clean installations of Java will give the option - however, full OS X system upgrades/clean installs may require Java to be reinstalled so this is a problem to also look out for when migrating computers or reinstalling/upgrading your OS.
  • If you already have a version of Java 8 earlier than Update 40 installed, the adware is not installed and the option to install it does not appear.
If you are installing Java 8 new/cleanly then you will get the below option screen during the installation process - to not install the Yahoo adware UNTICK "Set Yahoo as your homepage and new tab page on all browsers, plus get Yahoo as your default search engine on Firefox.": Java 8 Yahoo adware installation screen shot The older Ask.com adware screen looked like this - to not install the Ask.com adware UNTICK "Set Ask.com as my browser homepage": Java 8 Ask.com adware installation screen shot

How To Disable/Remove The Adware Installation Option

Once Java is installed, you can turn off the option appearing in future installations/updates by going to Apple menu > System Preferences > Java (this will open the Java Control Panel separately) > Advanced tab > scroll to the bottom and TICK "Suppress sponsor offers when installing or updating Java" > click "Apply" (see the picture below). Java 8 Ask.com adware installation screen shot

How To Disable/Remove The Ask.com Adware On A Mac

Apple Safari Browser
  1. Quit all running applications except Safari.
  2. In Safari go to the Safari menu > Preferences > Extensions and turn the Ask extension off.
Mozilla Firefox Browser
  1. Quit all running applications except Firefox.
  2. In Firefox go to the Tools menu > Add-ons > click Extensions on the left > locate the Ask extension on the right and click the "Disable" or "Remove" button next to it.
Google Chrome Browser
  1. Quit all running applications except Chrome.
  2. In Chrome go to the Chrome menu > Preferences > Settings > Manage Search Engines and remove Ask.
  3. Go to the Preferences > Extensions tab and remove the Ask extension (click the Trash icon next to Ask).

Article Keywords: OSX 105 106 107 108 109 1010 1011 1012 Snow Leopard Mountain Lion Mavericks Yosemite ElCapitan Sierra OSX Mac OS X macOS standard edition Oracle JRE Java RE run time runtime environment FX JavaFX standard edition malware malicious trojan driveby drive-by virus security secure securing disable disabling remove removing plugin plugin applet block blocking

This article is © MacStrategy » a trading name of Burning Helix. Apple, the Apple logo, and Mac are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc.


If this information helped you or saved you time and/or money why not donate a little to us via PayPal?
All proceeds go directly to MacStrategy / Burning Helix Limited to help fund this web site.
If this information helped you or saved you time and/or money why not donate a little to us via PayPal?
All proceeds go directly to MacStrategy / Burning Helix Limited to help fund this web site.

Go to this
web page
to donate to us.