This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Plugin check reports outdated Java on Mac, but Apple update says it is up to date

  • 16 ŋuɖoɖowo
  • 237 masɔmasɔ sia le wosi
  • 16 views
  • Nuɖoɖo mlɔetɔ AliceWyman

more options

This is on a Mac I used the "Plugin check" to make sure all the plug-ins were up to date. It said the Java plugin needs to be updated. That takes me to the Java page, which says that Apple supplies its own version of Java and to use Apple Update. Apple update says the system is up to date.

The plugin checker should report an error only if the version of Java can be updated. It cannot be on a mac.

This is on a Mac I used the "Plugin check" to make sure all the plug-ins were up to date. It said the Java plugin needs to be updated. That takes me to the Java page, which says that Apple supplies its own version of Java and to use Apple Update. Apple update says the system is up to date. The plugin checker should report an error only if the version of Java can be updated. It cannot be on a mac.

Ŋuɖoɖo si wotia

That's a known bug. See the contributor forum discussion starting here:

.... and the solution given in the related bug report:

Quote:
Jorge Villalobos [:jorgev] 2012-04-06 08:57:12 PDT

(In reply to Verdi from comment #24)
> I just got a new Java update for Mac 10.7 (Java for OS X Lion 2012-002) this
> morning. The Java Preference app says I now have Java SE 6 Version
> 1.6.0_31-b04-414 but my plugin version has not changed (with either update)
> and plugin check lists it as vulnerable.

Try closing Firefox, deleting pluginreg.dat from the profile folder and starting again. This is the problem described in bug 313700.


Note: The Profiles - Where Firefox stores your bookmarks, passwords and other user data article explains how to open the Firefox Profile folder on Mac OS, so that you can delete the pluginreg.dat file. Make sure you close Firefox after opening the profile folder in Finder.

Xle ŋuɖoɖo sia le goya me 👍 4

All Replies (16)

more options

That's a known bug: Bug 573848 - Java Embedding Plugin reported as out of date, when up to date

The Java Embedding Plugin is bundled with current Mac distributions of Mozilla browsers, including Firefox. The latest version of the JEP should be 0.9.7.3 - see http://javaplugin.sourceforge.net/ for more information.

Apple provides the Java software needed for running Java applets via Apple's Software Update feature. The current Java version offered by Apple for OS X 10.6 is Java 1.6.0_20. You can test your Java version at these sites:

Ref:

AliceWyman trɔe

more options

Apple FINALLY issued an update (October 21, 2010) that resolves this problem. Java is updated to Java SE 6 to 1.6.0_22.

more options

Thanks for the information. I installed the latest Java update today ( via Apple's Software Update which installed Java version 1.6.0_22 . I just visited the Plugin Check page and it now shows that the Java Embedding Plugin 0.9.7.3 (status: 1.6.0.22) is up to date.

more options

Well, after Apple's second Java update last week, which brings Java under Mac OS Lion to 1.6.0_31, I still get the message that Java is vulnerable in Firefox 11.0. I guess Mozilla needs to update their Java version list on https://www.mozilla.org/en-US/plugincheck/ web site?

more options

Ɖɔɖɔɖo si wotia

That's a known bug. See the contributor forum discussion starting here:

.... and the solution given in the related bug report:

Quote:
Jorge Villalobos [:jorgev] 2012-04-06 08:57:12 PDT

(In reply to Verdi from comment #24)
> I just got a new Java update for Mac 10.7 (Java for OS X Lion 2012-002) this
> morning. The Java Preference app says I now have Java SE 6 Version
> 1.6.0_31-b04-414 but my plugin version has not changed (with either update)
> and plugin check lists it as vulnerable.

Try closing Firefox, deleting pluginreg.dat from the profile folder and starting again. This is the problem described in bug 313700.


Note: The Profiles - Where Firefox stores your bookmarks, passwords and other user data article explains how to open the Firefox Profile folder on Mac OS, so that you can delete the pluginreg.dat file. Make sure you close Firefox after opening the profile folder in Finder.

more options

Thanks. The solution worked perfectly. Wish they would include a fix for that in the next version of FF for Mac OS X.

more options

Thanks for the solution, AliceWyman. It worked for Mac OS X 10.7.3, Firefox 11.0.

I apologize for giving incorrect feedback about helpfulness of the Profiles article, as it did not show how to open the Firefox Profile folder on Mac OS. I was looking at the article on my PC with Windows Vista when I gave that feedback, and I was not logged in. It then occurred to me to look at the Profiles article on my Mac, and here I did find how to open the Firefox Profile folder on Mac OS.

prpl62 trɔe

more options

The Firefox Support (SUMO) Knowledge Base pages have a selection list in the column at the right site to select the platform including Mac OS X and the Firefox version. Unfortunately that "Article is for" setting is pushed down by other content in that column and thus is easy to miss.

more options

No worries. I'm a serious Mac Tech guy and found it without looking at the article. Once you know what file to look for it's a simple process:

  1. Quit Firefox
  2. Open Terminal app
  3. cd ~/Library/Application Support/Firefox/Profiles/<your profile id>.default
  4. rm pluginreg.dat
  5. Relaunch Firefox and all plugin reports should show up to date.

stulevine trɔe

more options

Done all that but still no joy. I'm on Mac OS X Lion Server 10.7.3. Java is up-to-date but Firefox 11.0 still continues to report insecure version of Java.

$ java -version java version "1.6.0_31" Java(TM) SE Runtime Environment (build 1.6.0_31-b04-413-11M3623) Java HotSpot(TM) 64-Bit Server VM (build 20.6-b01-413, mixed mode)

more options

falxton,

I'm on Mac OS X Lion 10.7.3, not server. So, with that said, and since you are using server, make sure to remove that file for the user that you use when logged into the server and when you run Firefox. If there are multiple users, each one will have their own Firefox profiles folder. And, in some cases, you may even have multiple profiles for the same user. Just make sure to remove that file from all of them if you don't know which profile use use when you run Firefox.

more options

stulevine,

I am somewhat tech savvy, and I appreciate your post. But please clarify #3 and # 4 in your post.

Re #3, do you enter the entire text on this line (after the <3.> ?

Oops!. I just opened Terminal on my Mac mini--I think that I had better not mess with it!

Re #4, does <rm> stand for remove? (I was successful by following the instructions given by AliceWyman.)

prpl62 trɔe

more options

stulevine, I've already confirmed it is the correct profile. There is only one user, and one profile. Besides, using about:support will lead you to the folder that Firefox is using for the profile.

I have confirmed that the Firefox plugin analysis shows the incorrect version of java. I have 1.6.0_31 but it reports 1.6.0_29. I determined this by looking in pluginreg.dat. So in my case, it is not the it is not being refreshed, it is that Firefox is determining the wrong Java version. And yes, I only have one Java on my system. Confirmed on the command line and Java Preferences control panel.

I'm just going to leave it. Too much else to do, I just wanted to report that it is determining the wrong version of Java on my system.

Same results on my Macbook running 10.7 Lion (not Server).

more options

Visit browsercheck.qualys.com for correct Java detection.

more options

browsercheck.qualys.com was what led me down this path, it was the first I saw complaining of insecure Java. They said Firefox was not detecting Java properly.

OK, today, Apple released Java for OS X 2012-002, which *again* updates Java to 1.6.0_31. I know, I know, that is what 2012-001 supposedly did.

They apparently did not update the version number in a place Firefox looks.

All is good now, Firefox and browsercheck.qualys.com are both happy. And so am I ;-)

more options

For the record, Apple released Java for OS X Lion 2012-002 on April 6.

P.S. Apple released another Java update today for OS X Lion (That makes three Java updates in one week!): Java for OS X Lion 2012-003


Quote:
This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.

Java for OS X Lion 2012-003 delivers Java SE 6 version 1.6.0_31 and supersedes all previous versions of Java for OS X Lion.


More here:
About the security content of Java for OS X 2012-003 and Java for Mac OS X 10.6 Update 8

AliceWyman trɔe