… and nobody notices. Well, not quite. I did have one client put out because they swap files with someone who uses a Java based file loader. What’s more interesting is how Apple disabled it. Like most of you (OK big assumption) I ignored the fact that Apple has a technology they call Xprotect. This is a mechanism whereby Apple can maintain a ‘safe’ list of apps on your computer, and they can make unilateral changes whenever they like. Which I find to be very scary.

But let’s not be hasty- they did it for a good reason. There is a real, active and unpatched* exploit being used against this software, so it makes sense to disable it. But did Apple do the right thing by not telling anybody? Normally we’d expect a notification, a workaround, a link to an update, but nothing?

You can turn this invasive big brother style manager off, and here’s how to do it-

System Preferences/Security & Privacy/ General/ ‘click to unlock’/ ‘put your password in’/ Advanced/ Automatically update safe downloads list <uncheck

Seriously, try it- that is not easy or intuitive! But should you turn it off? Probably not. As I said before, it fixes a real and present threat.


If you’re affected by this issue, you can re set the version of java allowed by editing the Xprotect file, instructions here. Or a smarter idea is to download a new version of Java that is allowed to run here


*Unpatched for a while after the exploit was discovered, I haven’t been able to find out how long

Adam is a 20+ year veteran of the Apple market. He is one of the most highly qualified Apple technical specialists in Australia. You can read more about him here or check out his Google+ profile- Adam Connor