We send PC’s out to customers that need a very specific version of Java installed; specifically 6.26. I already disable the Java updater but I was wondering if I could block the customer from installing a new version of Java manually without forcing them to run as a limited user. Currently, the PC’s run as local administrators with Windows 7 64-bit.
Perhaps an application that provides a blacklist functionality? I also use the IE9 Blocker Toolkit to disable Internet Explorer 9 installation. Is there a possible equivalent for Java?
Edit based on comments – Java is used with a java applet on our website, not a standalone application. I have no power to alter our site to be compatible with newer version of the software. I’m simply trying to limit the ability to update Java to cut down the amount of support calls.
For the love of God, package your app with a local copy of the Java binary if your app needs a specific version. Don’t rely on the system-installed binary. This prevents the users from being able to update their Java browser plug-ins.
With the recent major vulnerabilities in Java lately, I’d stop using your product immediately if you told me I couldn’t update Java.
That said, if your customers are administrators on these computers, there is nothing you can do to prevent this. Write better code.
- Will Mac OS X 10.5 ever update Java to 1.6 version?
- How to repair Java in Ubuntu after trying to switch to Java 6 using update-java-alternatives
- Stopping Java from showing Update notice to all terminalserver users
- How can I block Java updates, network-wide?
- Can we Uninstall Java on Production Server?
Leave a comment
- Is there a way for administrators to disable users from installing Firefox extensions?
- Is there research material on NTP accuracy available?
- How to create a limited “domain admin” that does not have access to domain controllers?
- Can Windows RDC admin users be immune from being kicked?
- Domain Administrators account policy (After PCI audit)