Previous 1 2 Next 20 Replies Latest reply: Dec 1, 2013 8:04 PM by Maggg
incubusscott Level 1 (0 points)

Is there a way to disable the xprotect.meta.plist file?  This is what is keeping java from running on OS 10.6.  I have tried modifying the file to show a lower version of java, as well as deleting the file entirely, but when you restart the machine the file loads back in how apple updated it originally.

Mac mini, Mac OS X (10.6.7)
  • SWS_SB Level 1 (25 points)

    Going into System Preferences and Security, clicking the lock icon to change settings (enter password) and unchecking the 'Automatically update safe downloads list' prevents the file from getting rebuilt. This isn't the safest bet for people who are not the safest of computer users, but it does the trick.


  • WZZZ Level 6 (12,845 points)

    You could try locking it after editing.


    sudo chflags uchg /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta. plist


    There is no line break after /Contents  and no space between .meta and .plist



    EDIT: that won't work, a folder can be locked, but not a file.


    Has to be


    sudo chflags uchg /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/


    Message was edited by: WZZZ

  • baltwo Level 9 (62,215 points)

    You could always just remove XProtectUpdater from /usr/libexec/ and that'll stop any changes from occurring after you change the plist file. Alternatively, change the StartInterval in the file.

  • alucasTHX Level 1 (5 points)

    OK.  I have a fix for you all that seems to work especially if you need Java 6u37 working on any computer Apple disabled it on.  This will work best on 10.6 but can work on 10.7/10.8 as well.

    Do not attempt this if you do not know what you are doing.

    I will not be held responsible for your system if it stops working or you expose yourself to a virus.  If you are a novice user, you attempt to do this, and something goes wrong, remember you were warned.




    Using whatever editor you want at command line as root or using sudo, you will need to edit:

    /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta.p list




















    And best of all, change:


    <string>Thu, 31 Jan 2014 16:55:59 GMT</string>


    To any date in the future.  (Bad programming on Apple's part but repreive for those of us who have to support archaic Oracle based systems that won't work under Java 7+.)  It won't update again until after the date you put in there.


    DO NOT Delete any of the lines that have to do with version number because it will allow older versions of Java, which are not secure, to run.  I would also not recommend that you change the date too far ahead if you are on 10.7/10.8 and are running Java 7 because the security holes in Java 7 are horrible.

  • alucasTHX Level 1 (5 points)

    Oops, duplicate reply...

  • sique sique sputnik Level 1 (0 points)

    I have made the changes XProtect.meta.plist but I can't save the changes. It states that I do not have the access privileges to the folder that it's in. How do I resolve this?

  • J.L Level 1 (0 points)

    Unchecking the 'Automatically update safe downloads list in Security-panel and moving the file: /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta. plist to another location did it for me.


    Thanks Apple for preventing all mac users at work sending newspaper-pages to our press.

  • shakamar Level 1 (0 points)

    Is the XProtect updater just exclusive to the XProtect.meta.plist?  I'm asking because I  unchecked the automatically update safe downloads list in security, then used time machine to restpre a previous version on the Xprotect.meta.plist and Xprotect plist.  Read that in another post.  (I saved the ones I replaced, just in case).  Then I deleted the XProtect updater (copied that one also to a different place), then went back and rechecked the automatically update safe downloads in security.  Then rebooted.  Java kept working after reboot, but I was wondering if the XProtect updater is exclusive to just the XProtect.Meta.Plist and if that is exclusive for Java, if that makes any sense at all.  I only want to stop the Java from being disabled and still continue to automatically update safe downloads through security.  I'm not anywhere close to where you guys are on fixing these things, and need to know if I've opened myself up to security issues, with the exception of the Java ones by deleting the XProtect updater and will I still continue to receive safe downloads through security.  Hope that all makes some kind of sense and I'm understanding this stuff correctly. Please be patient and keep it kind of simple.  Thank you so much in advance.

  • baltwo Level 9 (62,215 points)

    shakamar wrote:

    Is the XProtect updater just exclusive to the XProtect.meta.plist?

    AFAICT, yes.

    …rebooted.  Java kept working after reboot, but I was wondering if the XProtect updater is exclusive to just the XProtect.Meta.Plist and if that is exclusive for Java, if that makes any sense at all.

    No. The plist also lists Macromedia's Flash Player.

    I only want to stop the Java from being disabled and still continue to automatically update safe downloads through security.

    Don't think that's possible.

  • Silent Partner Level 1 (15 points)

    By disabling XProtect, you are preventing other applications from being detected as security risks; namely Adobe Flash Player comes to mind. If you disable XProtect, you should be diligent about updating any applications that add plugin support to the browser and disable any plugins that you don't actively use. If you'd like to not worry about Flash in particular, a good option is to fully remove Flash and use Chrome for Flash content (or all the time.)

  • shakamar Level 1 (0 points)

    Thank you for the quick reply.  Java 7 Update 13, build 1.7.0_13-b20 (note 13) came through a couple hours ago.  I put the XProtect updater back and rebooted.  So far, Java is still enabled.  Will try Chrome if this latest update doesn't resolve the issue.  I didn't put back the original XProtect.meta.plist that was updated yesterday back in.  Hopefully, I'm good again.  Thank you everyone for your help.

  • ds store Level 7 (30,325 points)

    Java 7 updated  for 10.7-10.8


    Released Feb 1, 2013,  fixes 50+ security flaws


    Download and install



    For Java versions 6 and below OS X 10.5-10.6 machines

    Apple supplies their own version of Java. For Mac OS X 10.6 and below, use the Software Update feature available under the Apple menu to check that you have the most up-to-date version of Java 6 for your Mac.


    Java SE 6 End of Public Updates
    After February 2013, Oracle will no longer post updates of Java SE 6 to its public download sites. We highly recommend downloading and installing Java 7.



    If your considering upgrading OS X from 10.6.8 to 10.8 via AppStore to run Java 7


    Be forewarned no PowerPC based programs or driver software will run any longer.


    Check here BEFORE you upgrade OS X!




    Alternatives if you must run Java 7


    If Apple disabled Java 6 in 10.6, and you can't upgrade OS X to 10.8, then your pretty much done with Java in OS X because Oracle won't issue updates for Java 6 anymore.
    However you can install Windows 7 and continue to use Java 7+ there until support for Windows 7 ends in 2020.

    Windows in BootCamp or Virtual Machine?


    If your on 10.6, I very highly recommend the free Virtualbox for the virtual machine software as it gets updates, VMFusion and Parallels have moved on with only 10.7+

  • MadMacs0 Level 5 (4,722 points)

    Check Software Update...

    APPLE-SA-2013-02-01-1 Java for Mac OS X v10.6 Update 12


    Java for Mac OS X v10.6 Update 12 is now available and addresses the




    Available for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8

    Impact:  Multiple vulnerabilities in Java 1.6.0_37

    Description:  Multiple vulnerabilities exist in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user.

    These issues are addressed by updating to Java version 1.6.0_39.

    Further information is available via the Java website at

  • baltwo Level 9 (62,215 points)

    The link at Apple's download for Java for Mac OS X 10.6 Update 12 gets redirected to update 11. This is broken and I don't expect any fixes until after the weekend.

Previous 1 2 Next