Previous 1 2 3 4 5 Next 72 Replies Latest reply: Jun 10, 2015 6:08 PM by jérômefromnice Go to original post
  • SWS_SB Level 1 Level 1 (25 points)

    I've posted this elsewhere, isn;t the best but is fairly fast and has been proven in the wild:  For 10.6.8 users, the only 'fix' I have that works so far: Deleting the XProtect source file that lists the blacklisted Java (supposedly it can also be edited in Terminal).

    Using Finder, go to System - Library - CoreServices and righ-click on CoreTypes.bundle. Choose Show Contents and then go into Contents, then the Resources folder in the new window that opens. Scrolling to the end will show Xprotect.meta.plist in the list, I deleted that file and then was able to run.


    Upon a reboot this file will get re-built, however, so it isn't permanent fix. Going into System Preferences and Security, clicking the lock icon to change settings (enter password) and unchecking the 'Automatically update safe downloads list' prevents the file from getting rebuilt. This isn't the safest bet for people who are not the safest of computer users, but should be OK short term. Only Java and Flash are listed in the file, really, so not too big an issue since Java 6 update 37 should be the only Java installed.  Hopefully Oracle and Apple get this resolved quickly for 10.8, but I suspect that 10.6 and Java may never be friends again without killing the xprotect.meta.plist.

  • alucasTHX Level 1 Level 1 (5 points)

    OK.  I have a fix for you all that seems to work especially if you need Java 6u37 working on any computer Apple disabled it on.  This will work best on 10.6 but can work on 10.7/10.8 as well.

    Do not attempt this if you do not know what you are doing.

    I will not be held responsible for your system if it stops working or you expose yourself to a virus.  If you are a novice user, you attempt to do this, and something goes wrong, remember you were warned.




    Using whatever editor you want at command line as root or using sudo, you will need to edit:

    /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta.p list




















    And best of all, change:


    <string>Thu, 31 Jan 2014 16:55:59 GMT</string>


    To any date in the future.  (Bad programming on Apple's part but repreive for those of us who have to support archaic Oracle based systems that won't work under Java 7+.)  It won't update again until after the date you put in there.


    DO NOT Delete any of the lines that have to do with version number because it will allow older versions of Java, which are not secure, to run.  I would also not recommend that you change the date too far ahead if you are on 10.7/10.8 and are running Java 7 because the security holes in Java 7 are horrible.

  • Ricki A. Mc Mahon Level 1 Level 1 (5 points)

    I spent the wee hours of the night...about 6 of them-all night-- trying to figure out why this was happening.

    Then I found out.  Now, I've seen posted on here a number of times ways to work around the blocked

    plug-in... but my question would be  "Why?" 


    Why would you want to make your computer vulnerable to some jerk from god only knows where getting in

    there without you knowing it and stealing your information? Isn't that cutting off your nose to spite your face? 

    There are over 250,000 ID thefts per day.  Want to add your name to the list?  I sure don't! 


    I'm glad Apple has that control and did this.  Yes, it would have been nice to be notified but....  I'd still

    rather be without Java for a day or two now,  than be very sorry later.


    I'm sorry the control over Java in the more recent OS has been given to Oracle.  I'd rather have Apple

    looking out for me.  That's one reason we all buy Macs......they're safer!


    Just thought I'd add my 2 cents.....for whatever it's worth.

  • alucasTHX Level 1 Level 1 (5 points)

    Why would I want Java 6 working on my computer at work?  I'll tell you why, there is a little company called Oracle.  They make database server software and Java.  Other companies make databases that are used to run businesses.  Those databases keep track of things like finances, employee information, etc.  In educational institutions these databases keep track of student records, donations, finances, employee records, etc.  To access those databases we need JAVA.  Under 10.6.8, Java 6u37 is the last release for 10.6.8 ever because Oracle is discontinuing Java 6 as of Feb. 1 2013.  So we have to re-enable Java 6 because we cannot do our jobs or get paid otherwise.

  • kitkat1126 Level 1 Level 1 (0 points)

    So if I upgrade to the lastest system software from Apple will Java work then? I'm confused.

  • MadMacs0 Level 5 Level 5 (4,680 points)

    kitkat1126 wrote:


    So if I upgrade to the lastest system software from Apple will Java work then?

    Java has been disabled in Safari (and some other browsers) by Apple in all OS X 10.6.7 and above.


    Apple supposedly has an update in testing that will allow it to work again in Snow Leopard.


    Oracle has not announced their plans to patch what are said to be four exploits in Java 7, so at the moment it would not help to upgrade your OS X for that reason, but you should consider it for increased security in other areas anyway.

  • cdenesha Level 1 Level 1 (10 points)



    First, AWESOME research Shirkan.


    In our school system, I disabled Software Update (by pointing it to a non-existent server) in WGM before I went home yesterday. However in my reading/testing this morning I see that the XProtect anti-malware method of updating does not use Software Update but instead is a scheduled launchd item. (


    Question: Is there a way to pump out and run a login script - that uses sudo - via WGM? We do not have a third party management system. When I tried this for another project a month ago I was unable to elevate privileges via login script.





  • kitkat1126 Level 1 Level 1 (0 points)

    So I'm not comforable doing what alucas THX suggested but I think I could try what Shirkan suggests. Is that what you guys would suggest if I'm not an expert? I've never used an editor. My business depends on this. Scared!

  • Shirkan79 Level 1 Level 1 (0 points)

    Hi cdensha,

    you're right. The XProtect update (the plist in this case) is not updated via a SoftwareUpdate. It updates via a launchdeamon or semething when the system starts up. I don't know exactly at the moment, haven't looked for.

    I don't want to brake the update process of XProtect, as it could be useful to protect the system to run any maliciuos software.


    To get the WebPlugin working again, you could try to run a script via a launchdaemon as root.


    at the moment, we (our Company Site) do not need the runtime, only the webplugin so i managed it via a script launched by a launchdeamon:

    Script located in /scripts/






    #changing XProtect.meta.plist to allow only the latest java WebPlugin Version

    defaults write /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta. plist JavaWebComponentVersionMinimum "1.6.0_37-b06-434"



    launchdeamon located in /Library/LaunchDeamons/





    <?xml version="1.0" encoding="UTF-8"?>

    <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST

    1.0//EN" "">

    <plist version="1.0">





















    The launchdeamon executes the script every 60 seconds, because sometimes the lauchdeamon executed the script before the XProtect.meta.plist was downloaded from apple, so the download has overwritten the workaround. So i decided to run it every 60 seconds to overwrite the download again


    With the script, i only set the WebPlugin minimum Version to the latest from Apple available one. The Runtime is still blocked, so you won't be able to run java executables like jar-files etc.


    Hope that helps...




  • Shirkan79 Level 1 Level 1 (0 points)

    And by the way, the solution alucasTHX wrote is more secure then the one in my 1st post.

    My solution deletes the complete string of the javaWebcomponent. So every java version is allowed to run.


    for kitcat1126:

    if you unsure to use an editor, you could do the following:


    open terminal and run


    sudo defaults write /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta. plist JavaWebComponentVersionMinimum "1.6.0_37-b06-434"


    and if you don't want apple to update the plist (in this example until 30 Jan 2014)

    open terminal or use the current open one and run


    sudo defaults write /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta. plist LastModification "Thu, 30 Jan 2014 00:00:01 GMT"



    That enables the latest current available WebComponent of java, but not the older ones. The Runtimes are still disabled. I think Oracle is going to release a newer version asap.





    Edit: I don't know why, but this forum adds a space between XProtect.meta. and plist. This has to be removed, when pasting the code into terminal


    Message was edited by: Shirkan79

  • kitkat1126 Level 1 Level 1 (0 points)

    Thanks Shirkan79 but (you're going to laugh at me or be completely annoyed) but what is a "terminal". I need some kind of step by step instructions here. Pretty please:)

  • kitkat1126 Level 1 Level 1 (0 points)

    Ok I found terminal, do I just copy and paste that string (minus the space) in that window and then hit return?? I'm not going to crash my computer:) *scared*

  • WiseByte Level 1 Level 1 (10 points)

    For the plist challenged, you might wanna try this Java Unblocker app:

  • cliff salter Level 1 Level 1 (0 points)

    I have no idea about, terminal or writing code, so as a workround I have tried SWS_SB's method to remove the Xprotect.meta.plist and it works fine.


    Its obviousy not good to have to do this on a large scale network at each login but as a single user and not needing Java that often it will be ok for me.


    My Java was working fine on the 30th but not on the 31st as other posters have stated. So am I right in believing that at some point Apple took it into their heads to disable Java on 10.6.8 machines. If that is the case and it's been done for security reasons, then that's fine but if its been done for another reason it would be nice to know why. Also, I think there could have been some prior notification.


    Used to love Apple but losing faith.

  • Marc Monaro Level 1 Level 1 (75 points)

    How did this get blocked to begin with? Was something inadvertently installed/updated somehow someway?