- Apple blocks Java due to security threat

- Enterprise users frustrated, can't update Java, Java won't run 

- How to get Java back on the Mac

- UPDATE: Apple allows banned Java back on the Mac after update

Apple has barred Java from running on Macs, leaving companies that rely on Java plug-ins out in the cold. 

Apple blocked Java 7 Update 11 by adding it to the banned list in XProtect.

This is the second time in two weeks that Apple has blocked Oracle's code from running on Macs. This time Java is blocked through Apple's XProtect anti-malware feature.

Java has come under fire as the means by which hackers have been able to gain control of computers. In April 2012 more than 600,000 Macs were reported to have been infected with a Flashback Trojan horse that was being installed on people's computers with the help of Java exploits. Then in August Macs were again at risk due to a flaw in Java, this time around, there was good news for Mac users: Thanks to changes Apple has made, most of us were safe from the threat.

Unwilling to leave its customers open to potential threats Apple has apparently decided it's safer to block Java entirely.

Macs running OS X Snow Leopard and beyond are affected.

While for some blocking Java is unlikely to effect productivity, a number of businesses are reliant on Java. For example, the software Macworld uses to upload PDFs to our printers uses Java. Some enterprise users utilize Java and may experience a loss in revenue as their software ceases to work.

As one forum post on Apple's Support Communities reads: "THIS IS A NIGHTMARE FOR ENTERPRISE JAVA USERS. Oracle EBusiness uses Java as a web application. For Apple to do this, and not even give a head's up to their customers who utilize Macs for Enterprise, is horrendous customer service.  A dialogue box that at least tells their users WHY Java has suddenly, in the middle of the day, quit working would be more helpful than the nonsense that happened today."

Another writes on separate Apple forum: "There are government-run aviation-related websites people use to gather critical information and that still use Java."

For those who are missing Java, the fact that no actual exploit has been identified is frustrating.

However, on 10 January when a Java vulnerability was being exploited, Apple reacted by blocking Java 7 until Oracle issued Java 7 Update 11 as a fix to the zero-day security flaw on 14 January. 

That threat was so serious that the US Computer Emergency Readiness Team, part of the US Department of Homeland Security, urged users to disable Java in their webbrowsers.

Also, it's not only Apple who is blocking Java. Mozilla also blocked Java by default in Firefox, although you can still re-enable Java in Firefox manually.

Apple has already stopped bundling Java with OS X by default.

As far as we can tell, XProtect will continue to block Java on Macs until Oracle releases an update.

How you can get Java back

There are a number of forum posts on Apple's discussion boards suggesting ways to get Java to run on the Mac.


One forum poster writes:

Here's what I did to fix what Apple broke: The Auto Anti-Malware is installed in the following location. Navigate to /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/
The two files you want to look for are: XProtect.meta.plist and XProtect.plist.
Launch Time Machine to yesterday (30 January) and find these two files and restore them. You will get a prompt to replace existing or keep both. I kept both. The time machine backup files have ..(original) in the file name. I renamed the new files (date time stamp of 3:46 pm today) and the renamed the ..(original) files by deleting the (original)...
Restarted my browser and I am good to go.
Java web start works and I am able to continue my test and dev work. 

Follow Karen Haslam on Twitter / Follow MacworldUK on Twitter


Digest: A history of the Mac Flashback Trojan