Java 7 Alert - Java 7 Vulnerability
Please Note: All Pace users should be using Java 6 with Pace systems. Using Java 7 at this time will cause compatibility issues with Pace systems.
Java 7 Alert - Java 7 Vulnerability (Java 6 Download Instructions for Pace Use)
In October 2012, a vulnerability was discovered which affects Java 7 (1.7.0 Update 6). The vulnerability allows malicious code to be run on a system. This can occur by visiting a maliciously crafted web page using a web browser that has the Java plug-in enabled. Oracle had released an official patch that was to resolve that vulnerability issue. However, a more recent article indicates that the vulnerability has not been resolved. To view the article found on CNN Tech, click the following link: Critical Java vulnerability due to incomplete earlier patch.
At this time, Pace DOES NOT recommend using Java 7 since it is not yet supported by our system vendors for applications such as Kronos and Banner. Pace is currently supporting Java 6 for use with Pace systems. Using other versions at this time will cause compatibility issues and/or security issues. Below are instructions for obtaining and setting up any configuration settings necessary for the supported version.
Instructions for downloading and using Pace-supported Java 6 for Pace Systems
What Version Do I Have?
- Click Start and select Control Panel
- Click Java and then select About (You will see the current version of Java that you are running listed in this window. If you are using Java 6 continue to the Configuring Auto Updates to be Disabled so Java will not auto-update (Recommended) section below)
- If you are using any version of Java 7 uninstall it using the instructions below:
a. Click Start and select Computer
b. Select Uninstall or change a program
c. Click Java 7 and press Uninstall
Installing Java 6 (Be sure to close all browsers prior to installation.)
- Go here: http://www.java.com/en/download/manual_v6.jsp
- Click on Windows Offline (32-bit) or click http://javadl.sun.com/webapps/download/AutoDL?BundleId=71310
Click Save and then Run the file
IMPORTANT: In the following 3 steps, be sure to uncheck any boxes that say “Include this software” before clicking Next.
- Click Install and clickClose
Configuring Auto Updates to be Disabled so Java will not auto-update (Recommended)
- Click Start and select Control Panel and select Java
- Click the Update tab
- Uncheck Check for Updates Automatically
- Click Never Check
Enabling Java 6 on Firefox
- Open Firefox
- A message will appear notifying you of the Java program installation, check the Allow This Installation boxand click Continue and then selectRestart Firefox
- Click Tools or the Firefox tab on the upper left hand of the screen and select Add-ons
- Click Plugins from the left and search for Java(TM) Platform SE 6 U38 6.0.380.5
- Click Enable (Note: If it says Disable, that means it is already Enabled)
NOTE: The below error message will appear each time you log into either Kronos or Banner, click the little block to enable the plugin. This message will appear because Java 6 is not the newest Java available, which is Java 7. Java 7 contains security vulnerabilities, and does not currently work on Pace systems.