New version of Java – security issue

Dear Users,

If you are accessing Blackboard on a non-College PC (i.e. your own laptop, desktop or any computer that you have administrator rights to) you will need to read and note this issue.

Java version 1.6.0_19 has been released. Oracle/Sun has introduced a new practice with this release where users will sometimes be presented with a  warning dialog.

The warning states “Java has discovered application components that could indicate a security concern“. Users are asked if they wish to block potentially unsafe components from being run. If you click ‘Yes’ (which is recommended on the warning and is the default selection), the Java components will not work.

This will disable key components of Blackboard.

If you click ‘No’ – Blackboard will function as normal. However whenever Blackboard tries to run one of its Java applets for the first time during that browser session, the user will see the security warning dialog box. If the applet is to run the user must, contrary to the recommendation in the dialog box, click ‘No’.  This is a per-session decision for that applet alone. If you restart the browser (and therefore the Java Virtual Machine) they will need to make the decision again for each applet.

You will see this warning dialog pop-up up to four times when using Blackboard:

  1. When you first log in, as the ‘Who is online’ tool starts up.
  2. When you try to upload a file using the File Manager
  3. When you try to use the chat/whiteboard
  4. When you enable the ‘HTML editor’ for composing HTML messages or pages

You can see screenshots of the Java dialog box on the Java/Sun website: http://java.sun.com/javase/6/docs/technotes/guides/jweb/mixed_code.html

What can you do?

Note that this new feature of Java is a security feature. We do not recommend disabling it as it may leave your computer open to security attacks. However if the repeated alerts prove frustrating you may do one of two things:

  1. Do not upgrade to Java version 1.6.0_19 or, if you have already done so, downgrade. Then wait for Java version 1.6.0_20
  2. Disable this feature in Java version 1.6.0_19. You can disable the warnings associated with this new security feature introduced in 1.6.0_19 by doing the following:
    1. Open Java control panel (located on the bottom-right on your taskbar)
    2. Click Security
    3. Click Mixed Mode
    4. Click Disable verification

However this is a system-wide global setting that will apply permanently to all applets going forward. As in – it will disable this new security feature on your computer for all websites – not just Blackboard at QMUL.

This issue has been raised with Blackboard and we are waiting a response.

If you have any questions or require any aid please submit a query on our web form: http://www.esd.qmul.ac.uk/vle/forms/vlequery/index.htm

Regards,

VLE Admin

For our FAQ’s and to submit a query to our support team about the VLE please access the IT Services Web Help Desk at https://helpdesk.its.qmul.ac.uk/helpdesk/.  See also our support pages with online guides at http://www.learninginstitute.qmul.ac.uk/elearning/support/vle/