FLASH: Apple has disabled the latest Java update from Oracle
On January 14th, I reported that there was a serious bug in the Java solution that runs within a browser. It was so serious, that the US Department of Homeland Security issued a warning for folks to disable Java in their systems (Note: This only is applicable for browser based Java applets, not standalone Java).
As noted in my post, Oracle did issue a patch. However, as reported by NBC News, the Department of Homeland Security recommended that even with the Oracle fix, Java should remain disabled due to other serious issues.
Apple has gone one more step. They have quietly disabled the latest (supposedly fixed) version of Java in all Macs running Snow Leopard and above. See the following article by Sam Oliver of Apple Insider. It only affects version 220.127.116.11. If Oracle issues a patch, Java should be re-enabled assuming that you’ve not explicitly disabled it via the System Preferences.
There has been some discussion on the apple forums whether Apple’s change only impacts Safari or all browsers working on Macs. Since they disabled it via the Mac OX XProtect anti-malware software imbedded in the OS, it appears to impact all browsers.
So … again … unless you have an explicit need for running Java on your system, I highly recommend that you explicitly disable it. My January 14th post provides instructions.