Fundtech JRE 1.7 Update 45 Issues and Resolution 10/17/2013 Summary of Issues Oracle released JRE 1.7 update 45 in the late morning of 10/15/2013. Changes in this version of the JRE created the following issues for web client users: Users who installed update 45 received a security warning message prompting them to allow or disallow the application from running. Some users running older versions of the JRE experienced problems scanning. JRE 1.7 Update 45 Security Warning Resolution Fundtech has completed a HotFix to make changes to the security manifest for the web client. This will eliminate the security warning message with JRE 1.7 update 45. Fundtech has certified the HotFix and has tentatively scheduled production deployment for the morning of Friday, 10/18. Fundtech will be completing a step to automatically clear the Java cache, which will eliminate the security warning message for users who have already taken update 45 prior to the HotFix. If a user continues to see the warning message after the HotFix is applied, they may need to manually clear the Java cache. Detailed instructions are included at the end of this document. Once the HotFix is in place, users on older versions of the JRE (for example, update 21, 25, or 40) will begin receiving security warning messages as shown below. Due to a bug in Java, it is not possible to suppress the message in all instances. As such, it is highly recommended that users install update 45 after consulting with management and technical support for their company and after insuring a clear understanding of how the JAVA update may impact other applications running in their company environment. If the following message appears, users should select Don t Block to proceed.
If the following message appears, users should click Later, and then check the box, Do not ask again until the next update is available to proceed. Web Client Unable to Scan Resolution Java includes a concept called a security baseline, which essentially defines what is considered to be the baseline version of the JRE that can be used for a secure environment. With the release of JRE 1.7 update 45, Oracle has set update 45 as the security baseline. This has resulted in older versions ceasing to work properly with the existing Java security settings. To resolve this issue, there are two options: 1) Update to JRE 1.7 update 45. This is the most secure available version and the recommended option however needs to be considered after consulting with management and technical support and after insuring a clear understanding of how the JAVA update may impact other applications running in their company environment. 2) If upgrading to update 45 is not acceptable, you can continue to run older versions of the JRE by lowering the Java security settings in the Java Control Panel to Medium, however this option reduces the overall security on the computer by allowing all Java code (trusted and untrusted) for that web session to run unchecked which opens risk to allowing potentially malicious code to run. Company management and technical support should be consulted, before implementing this option.
To open the Java Control Panel: o Go to Start > Control Panel. o In the top right corner of the Control Panel, select large icons or small icons. o Click on Java (32 bit) to open the Java Control Panel. o Click on the Security tab, then move the Security Level slider down to Medium. o Click OK to save your settings and exit. NOTE: If your Java Control Panel does not have a Security Level slider, then it is too old, and you must upgrade to a newer version. Troubleshooting Which Version of Java is Installed on my PC? If you are unsure which version of the JRE you have installed, follow these steps to determine which version is present: o Go to Start > Control Panel. o In the top right corner of the Control Panel, select large icons or small icons. o Click on Programs and Features. o Scroll down to see which version(s) of Java are installed.
Troubleshooting Clearing the Java Cache If users who received JRE 1.7 update 45 prior to the HotFix continue to see the security warning message after the HotFix is applied, they can use the following steps to manually clear the Java cache and prevent further instances of the message: Go to Start > Control Panel. In the top right corner of the Control Panel, select large icons or small icons. Click on Java (32 bit) to open the Java Control Panel.
On the General tab, click Settings. Click Delete Files
Ensure all three check boxes are selected. Click OK.