Apple has once again taken steps to block the Java 7 plug-in using the “Xprotect” anti-malware system built into OS X to enforce a minimum version number that has yet to be released.
As noted by French site MacGeneration [Google translation] and the Apple discussion forums, Apple has once again blocked the Java 7 plug-in using Xprotect.
The updated blacklist enforces a minimum Java plug-in version of 1.7.0_11-b22, while the latest version of the plug-in is 1.7.0_11-b21.
Earlier this month, Apple remotely blocked Oracle’s Java 7 browser plug-in due to a major security vulnerability. Oracle almost immediately updated Java to address the issue.
The exact reason for Apple’s latest block of the plug-in is not known, however reports immediately following the release of Update 11 indicated that it fixed only one of the two bugs that caused the security vulnerability. In the aftermath of that news, cybersecurity officials recommended that most users disable Java even if they had the updated plug-in installed.
