plugin check not working
The Firefox plugin checker is reporting "vulnerable - Update Now" for my Java Deployment Toolkit 7.0.510.13. and Java(TM) Platform SE 7 U51 plugins.
The 'update now' link takes me to the Java download page which invites me to download the latest Plugin 7.51. but i already have 7.51 installed so the plugin checker is incorrectly displaying "vulnerable - Update Now". I have had 7.51 installed since January 17th and run the plugin checker on a weekly basis so i'm not sure why it has suddenly decided that this is a vulnerable plugin.
I am running Firefox 28.0 on Windows 7
thanks ...
All Replies (20)
P.S. You wrote, There is no way of knowing if a new update has arrived whether it be a security update or not unless you click on the green up-to-date button every day,
That's not true. You can check for updates from the Java Control Panel "Update" tab. See http://kb.mozillazine.org/Java#On_Windows
I just did that on my Window 7 computer, where I currently have Java 7 U55 installed, and it tells me that Java 7 Update 60 is available for download.
I was referring to the plugin check in general rather than specifically the Java plugin.
I see that you asked an earlier question about PluginCheck back in January 2014.
- /questions/982481 plugin check not working
In that case, the issue was the VLC Media Player's plugin being reported as outdated. The related Mozilla bug was Bug 939699 - Update VLC plugin to 2.1.2
If your question is a general one regarding why the PluginCheck website can't be kept updated, hopefully the HelpDesk can answer or at least tell you how to submit your concerns to Mozilla. I don't even know if you should use the Firefox feedback avenue input.mozilla.org/feedback to submit PluginCheck feedback. Technically, PluginCheck isn't part of Firefox, it's a Mozilla website that can be used to check your plugins using Firefox, but can also be used in Safari, Chrome and other browsers (ref.).
Here is a list of all of the open PluginCheck bugs, FYI
Looks like a user has taken the initiative to file a separate bug for the toolkits: [Bug 1008387 - Java Deployment Toolkit is labeled as known to be vulnerable. Use with caution. (edit) ]
Bug still occurring - did you get a reply from a Mozilla employee?
You wrote, Bug still occurring - did you get a reply from a Mozilla employee?
guigs2 is a Mozilla (Helpdesk) employee. I don't know if she is going to reply further but, here's my take on this:
guigs2 referred to Bug 1008387 - Java Deployment Toolkit is labeled as known to be vulnerable. Use with caution. That bug is still open, and is about the Java Deployment Toolkit plugin being shown as "vulnerable" in the Add-ons Manager but not on the PluginCheck page. I keep the Java Deployment Toolkit plugin set to "Never Activate" (disabled) in the Add-ons Manager Plugins list, so it doesn't show up on the Mozilla PluginCheck page. The Deployment Toolkit plugin doesn't need to be enabled - see http://kb.mozillazine.org/Java#Java_Deployment_Toolkit_plugin ... which links to http://www.java.com/en/download/faq/deployment_toolkit.xml
Are you asking why Java(TM) Platform SE 7 U55 Next Generation Java Plug-in (Java 7 Update 55) is still being shown as up-to-date on the Mozilla PluginCheck page, when Java 7 Update 60 is the latest version? Or is your question more general: why can't PluginCheck be kept updated?
Java 7 Update 60 isn't a security release, like I mentioned before. Just a GUESS but maybe that's why no one has filed a bug report? I really don't know. Anyway, I don't think this is anything that Mozilla Support can answer. The best I can suggest is to submit feedback to input.mozilla.org/feedback or file a new bug report at bugzilla.mozilla.org under the Websites - plugins.mozilla.org component (you can use this form after registering at bugzilla).
Yes the bug is that it is showing a plugin as up-to-date (java v55) when it isn't (java v60 available). I don't know if it's specifically the Java one that only has the problem as it is the only one i've found to be showing incorrectly. i did read about the bug report that was referred to by guigs2 but it appeared to be about a different issue so i wondered if someone was looking at the one i found.
richlaughlin, I would wait until you've updated to Firefox 30 (which should be released very soon) and then post back. The PluginCheck website is being reworked for Firefox 30 and that might make a difference in your results (ref.)
ok, thank you.
I now have Firefox 30 and the fault still exists - it is still telling me v55 is up to date when v60 is available
In fact there is another fault. It is telling me my Adobe Acrobat NPAPI Plug-inAdobe Acrobat NPAPI Plug-in is vulnerable (11.0.7.79 Update Now) but when i click on update now it just reloads the plugin check.
And on my XP machine i report a 3rd fault with plugin check. It is reporting a vulnerable plugin and the Update Now link is dead.
MetaStream 3 PluginnpViewpoint Plugin vulnerable 3.2.2.26 Update Now
http://www.viewpoint.com/technologies/viewpoint-media-player.shtml not found
thanks ...
..and finally. I can report that the up-to-date issue with the Java plugin is not specific to Java, it happens with other plugins.
My Adobe Flash Player -Shockwave Flash is reporting up-to-date at version 13.0.0.214, yet when i hit the up-to-date green button, Adobe Flash Player is at Version 14.0.0.125. which is a major version behind, even if the old version is not perceived as vulnerable.
richlaughlin, I checked the list of open PluginCheck bugs and I see that two bug reports were just filed about the PluginCheck /Firefox 30 /Adobe Acrobat issue. (Please don't add comments to bug reports unless you have something constructive to add - see Bugzilla Etiquette):
- Bug 1023653 - Adobe Acrobat plugin on Windows detected as Mac, can't update
- Bug 1023718 - Plugin checker for newly installed FF 30.0 shows Adobe Acrobat plugin "vulnerable" but update button just reloads plugin checker
You can follow those bugs by "voting" for them. It's very likely that the other PluginCheck bugs you noticed will be reported, now that Firefox 30 is out. You could file a new bug report yourself on the other PluginCheck issues, like I mentioned earlier, if you wish.
P.S. Regarding your last comment, My Adobe Flash Player -Shockwave Flash is reporting up-to-date at version 13.0.0.214, yet when i hit the up-to-date green button, Adobe Flash Player is at Version 14.0.0.125. which is a major version behind, even if the old version is not perceived as vulnerable.
Adobe Flash Player version 13.0.0.214 IS vulnerable and you should update to version 14.0.0.125 - see Adobe's security bulletin:
http://helpx.adobe.com/security/products/flash-player/apsb14-16.html Security updates available for Adobe Flash Player Release date: June 10, 2014
ok i'll keep an eye on those 2 bug reports and attempt to add one for the up-to-date being falsely reported.
regarding the Adobe Flash Player, that is a different bug again if a vulnerable plugin is not being reported as opposed to the java one which is not vulnerable but just out-of-date - i'll try to add one for that too
how do i vote for a bug?
You can vote for the bug by clicking the "vote" link as shown in the screenshot I've attached.
By the way, the Adobe Acrobat plugin bug is new in Firefox 30. I don't see it in Firefox 29.0.1 (I have both Fx 29.0.1 and Fx30 installed on my Windows 7 computer, in different folders)
The Adobe Flash plugin detection problem, where Flash 13.0.0.214 is seen as up-to-date on he PluginCheck webpage, is the same for me in Firefox 29.0.1 and Firefox 30. I'm sure that will be updated soon since Adobe's Flash Player security bulletin was just released yesterday.
I have created bug reports 1023835 and 1033838 to go with the two already created and voted on all.
Yes i agree the Adobe Acrobat plugin bug is new in Firefox 30.
I have also created a bug report for the vulnerable plugin with an 'update now' dead link #1023889