For the second time in two weeks, Apple pulled Java from its usersâ€™ browsers via an update to its XProtect anti-spyware scanner. The decision, based on the series of security incidents involving Java, has stirred a wave of complaints on the vendorâ€™s support forums.
The XProtect update automatically disables all versions of the Java Web plug-in before version 18.104.22.168, as a number of reports from vulnerability-testing companies revealed that the latest version of Java can still be exploited.
Early in January, the US Department of Homeland Security issued a warning that Java should be disabled, as a weaponized piece of exploit code had made it into the worldâ€™s most famous attack kits.
Unfortunately for Mac users, they will most likely be unable to use Java until â€“ most probably â€“ February 4. However, given the serious security risks they could get exposed to, everybody is better off without Java for now.