Disable Java's New Security Warning

Posted in Blog, Tech, Troubleshooting on May 25th, 2010 by Matt – 2 Comments

The most recent release of Java (Version 6 Update 20) has added a new "feature" that offers a yes or no box to "Block potentially unsafe components from being run".


Annoying little box

Many of the web apps we run internally here at the office are apparently made up of half unsigned and half signed code, which is causing everyone with the most recent version of Java to get this pop-up. There is a solution. Open the Java settings under the Control Panel. Go to the Advanced tab. Expand the Security section then the Mixed Code section. These options control weather that dialog is displayed.


Java Control Panel Settings

Setting that option to Disable verification will remove that pop-up. Yes it's a security risk, but I'm fairly sure that disabled was the default level of security of the previous Java versions. I'm sure the pop-up does provide some extra security, but in an environment where each vendor rolls their own crazy web apps and the updates are few and far between, this is more of a hassle than security.

Unfortunately this setting appears to be controlled by a file under each users profile. Specifically C:\Users\username\AppData\LocalLow\Sun\Java\Deployment\ . I can't think of a way off the top of my head to push this setting via group policy. If someone comes up with a solution, please post it in the comments. Until then we will be sticking with Java 6 Update 19 for our environment.