This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Plugin Status Check reports latest Java x64 as vulnerable

  • 2 replies
  • 5 have this problem
  • 6 views
  • Last reply by ADTC

more options

Last night I updated all plugins to show the green "Up to date" buttons in the Plugin Status Check website. However, this morning, it reports that the Java plugin is vulnerable (note: not 'out of date'). Is there a new revealed vulnerability in Java publicized in the last few hours?

There is no new version of Java as of now, as the latest is Java 8 Update 45, released on April 14, 2015. Although it may be of importance to note that I first installed 32-bit version of Java to get the green "Up to date" status, but later also installed the 64-bit version of Java (as I need it instead for my 64-bit Eclipse). Could this have caused the vulnerability flag to trigger? Is there a vulnerability in 64-bit Java that is not present in the 32-bit installation?

I saw a few similar questions on Flash plugin, but I already disabled Flash completely. This is concerning Java.

I am running 32-bit Firefox for Windows. I am on Windows 7.

Last night I updated all plugins to show the green "Up to date" buttons in the Plugin Status Check website. However, this morning, it reports that the Java plugin is vulnerable (note: not 'out of date'). '''Is there a new revealed vulnerability in Java publicized in the last few hours?''' There is no new version of Java as of now, as the latest is Java 8 Update 45, released on April 14, 2015. Although it may be of importance to note that I first installed 32-bit version of Java to get the green "Up to date" status, but later also installed the 64-bit version of Java (as I need it instead for my 64-bit Eclipse). Could this have caused the vulnerability flag to trigger? Is there a vulnerability in 64-bit Java that is not present in the 32-bit installation? I saw a few similar questions on Flash plugin, but I already disabled Flash completely. This is concerning Java. I am running 32-bit Firefox for Windows. I am on Windows 7.
Attached screenshots

Modified by ADTC

All Replies (2)

more options

Chosen Solution

more options

Understood about 32-bit. It is as expected, so I suppose my 64-bit Java installation should not have done anything.

I gather that those articles are posted two days ago, so it should be as recent as it can get. And Oracle is still working on a fix, and that's why there's no new version of Java to update from the vulnerable latest version.

I think I will take the advice and disable Java completely. :)

I think the Plugin Check site has to be enhanced to notify its users that vulnerable plugins may not necessary be out of date. They could be up to date but open to a recently discovered vulnerability. And that it's recommended to keep them disabled until the vulnerability is fixed in a future release.

Modified by ADTC