Suppress Java update Prompt in IE and Restrict Secuity Setting to End Users
Good Afternoon,
-I am currently working on a application (Java 1.7 JRE). I can not seem to find any information to how to Suppress Java update prompts when coming upon a Java site. there is a msi package that is already created, but my organization would like me to add the suppression of the update prompt as a separate package.
-There is another setting that my organization would like suppress, In Java when you open control Panel, Java, security tab . After the installation I would like to disable any interact to this tab from the end user.
Also this application is running on a windows 7 64bit
Any suggestions would be helpful
Thank you
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Thank you everyone for your help.
I think I found the answer to question 1.
Registry keys for enabling / disabling advanced TAB features and updates TAB
Untick Internet Explorer Plugin
[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Plug-in\10.0.0]
"UseJava2IExplorer"=dword:00000000
Untick use next-gen plugin
[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Plug-in\10.0.0]
"UseNewJavaPlugin"=dword:00000000
Disable the update TAB in java control panel and disable autoupdates + notifications
[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Update\Policy]
"EnableJavaUpdate"=dword:00000000
"NotifyDownload"=dword:00000000
but question 2. I still need help with.
My organization has released the Java 1.7 app to the end user, but they would still like me to find a way to block the end user from going into Control Panel\Java\Security tab\ and being able to mess with the Security settings. They would like me to keep the setting but graying them out, so no one can access them. Can some please help me find the answer to this question.
Thanks again guys.
Answers (3)
How about a useful answer to your question...
It sounds like the update prompt you are getting is the one that comes from Internet Explorer, rather than Java itself. There was an update to IE several months back that enabled blocking of what Microsoft considers "out of date" addons. It was designed specifically to target Java, but other ActiveX controls are monitored as well.
Here is a good overview of Out-of-date ActiveX blocking: https://msdn.microsoft.com/en-us/library/dn761713.aspx
There are various GPOs you can create to control this... this section seems most applicable to your situation:
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext" /v VersionCheckEnabled /t REG_DWORD /d 0 /f
Where:
- 0 = Stops blocking outdated ActiveX controls.
- 1 or not configured = Continues to block specific outdated ActiveX controls.
|
As far as your second question, do some research on using a file called "deployement.properties" to enforce Java settings. That will be your best bet to hide the security tab.
Comments:
-
Sorry, but I don't know what you are referring to? - ITreaper 8 years ago
It may be that you have been put off because it refers to Java 8 and you're asking about 7 but these things tend to move/change at a glacial pace and solutions tend to roll on through many iterations. Besides, it's so quick and easy to test things like this with VMs, what's to lose by experimenting?
