Mozilla has begun blocking an unsecured Java plugin for its Firefox browser.
The move, applied through the open source outfit's Plugin Check feature, is intended to protect Firefox fans from a recently discovered security flaw affecting the Java Deployment Toolkit on multiple flavours of Firefox.
Discussions on Bugzilla show this is unrelated to a flaw in Java Web Start affecting multiple browsers and patched by Oracle via an out-of-sequence (emergency) update last week.
Several other insecure plug-ins are already blocked through Plugin Check, as listed on Mozilla's website here. Often such moves are applied in response to frequent instances of browser crashes, a problem that applies to versions of Yahoo Application State Plugin, Skype and AVG SafeSearch, for example. In other cases, such as Apple QuickTime Plugin version 7.1, the block relates to a security vulnerability in the add-on software.
Screenshots illustrating how the Plugin Check technology blocks the Java plugin can be found in a blog post by F-secure here. Mozilla, which launched Plugin Check as a Firefox-only service last October, has plans to expand the technology to warn of potential problems with add-ons to other browsers, as explained in our earlier story here. ®