Headline: Oracle Java 7 plug-in blocked by Safari in the wake of a zero-day exploit
Apple has blocked Safari on Macs from running Oracle’s Java 7
in the wake of a zero-day exploit for Java:
New Year Java Zero-Day Attacks Under Way
To verify this on your own machine:
1. Open Safari on a 10.7.x or 10.8.x Mac
2. Go to http://www.java.com/en/download/testjava.jsp to test your Java browser plug-in.
Instead of a report that Java is working, you’ll receive a Blocked Plug-In message.
I’ve verified that 10.5.x and 10.6.x Macs do not appear to be affected by this, as they are not running Java 7.
Oracle has not yet released an updated Java 7 installer, so there’s nothing currently available to fix this issue. The latest Java installer for OS X was released in November 2012 and contains the vulnerability.
The best workaround at this time is to use Firefox. I tested with Firefox 18 and Firefox is not blocking the Java plug-in at this time.
Chrome will not work as an alternate browser, as Oracle’s Java 7 browser plug-in only works with 64-bit applications. Firefox and Safari are both 64-bit, but Google Chrome is a 32-bit application.
If the Java application you need to run does not require Java 7, you can also re-enable the Apple Java 6 browser plug-in. You can do this using the procedure.