X
Tap here to go to the mobile version of the site.

Support Forum

plugin check not working

Posted

The Firefox plugin checker is reporting "vulnerable - Update Now" for my Java Deployment Toolkit 7.0.510.13. and Java(TM) Platform SE 7 U51 plugins.

The 'update now' link takes me to the Java download page which invites me to download the latest Plugin 7.51. but i already have 7.51 installed so the plugin checker is incorrectly displaying "vulnerable - Update Now". I have had 7.51 installed since January 17th and run the plugin checker on a weekly basis so i'm not sure why it has suddenly decided that this is a vulnerable plugin.

I am running Firefox 28.0 on Windows 7

thanks ...

The Firefox plugin checker is reporting "vulnerable - Update Now" for my Java Deployment Toolkit 7.0.510.13. and Java(TM) Platform SE 7 U51 plugins. The 'update now' link takes me to the Java download page which invites me to download the latest Plugin 7.51. but i already have 7.51 installed so the plugin checker is incorrectly displaying "vulnerable - Update Now". I have had 7.51 installed since January 17th and run the plugin checker on a weekly basis so i'm not sure why it has suddenly decided that this is a vulnerable plugin. I am running Firefox 28.0 on Windows 7 thanks ...

Additional System Details

Installed Plug-ins

  • Shockwave Flash 12.0 r0
  • Google Update
  • 5.1.30214.0
  • Next Generation Java Plug-in 10.51.2 for Mozilla browsers
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • Adobe PDF Plug-In For Firefox and Netscape 11.0.06
  • Adobe Shockwave for Director Netscape plug-in, version 12.0.7.148
  • Adobe Shockwave for Director Netscape plug-in, version 12.0.5.146

Application

  • User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:28.0) Gecko/20100101 Firefox/28.0

More Information

AliceWyman
  • Moderator
240 solutions 2594 answers

P.S. You wrote, There is no way of knowing if a new update has arrived whether it be a security update or not unless you click on the green up-to-date button every day,

That's not true. You can check for updates from the Java Control Panel "Update" tab. See http://kb.mozillazine.org/Java#On_Windows

I just did that on my Window 7 computer, where I currently have Java 7 U55 installed, and it tells me that Java 7 Update 60 is available for download.

P.S. You wrote, ''There is no way of knowing if a new update has arrived whether it be a security update or not unless you click on the green up-to-date button every day, '' That's not true. You can check for updates from the Java Control Panel "Update" tab. See http://kb.mozillazine.org/Java#On_Windows I just did that on my Window 7 computer, where I currently have Java 7 U55 installed, and it tells me that Java 7 Update 60 is available for download.

Question owner

I was referring to the plugin check in general rather than specifically the Java plugin.

I was referring to the plugin check in general rather than specifically the Java plugin.
AliceWyman
  • Moderator
240 solutions 2594 answers

I see that you asked an earlier question about PluginCheck back in January 2014.

In that case, the issue was the VLC Media Player's plugin being reported as outdated. The related Mozilla bug was Bug 939699 - Update VLC plugin to 2.1.2

If your question is a general one regarding why the PluginCheck website can't be kept updated, hopefully the HelpDesk can answer or at least tell you how to submit your concerns to Mozilla. I don't even know if you should use the Firefox feedback avenue input.mozilla.org/feedback to submit PluginCheck feedback. Technically, PluginCheck isn't part of Firefox, it's a Mozilla website that can be used to check your plugins using Firefox, but can also be used in Safari, Chrome and other browsers (ref.).

Here is a list of all of the open PluginCheck bugs, FYI

https://bugzilla.mozilla.org/buglist.cgi?component=plugins.mozilla.org&product=Websites&bug_status=__open__&list_id=10375297

I see that you asked an earlier question about PluginCheck back in January 2014. *[/questions/982481] ''plugin check not working'' In that case, the issue was the VLC Media Player's plugin being reported as outdated. The related Mozilla bug was [https://bugzilla.mozilla.org/show_bug.cgi?id=939699 ''Bug 939699'']'' - Update VLC plugin to 2.1.2'' If your question is a general one regarding why the PluginCheck website can't be kept updated, hopefully the HelpDesk can answer or at least tell you how to submit your concerns to Mozilla. I don't even know if you should use the Firefox feedback avenue input.mozilla.org/feedback to submit PluginCheck feedback. Technically, PluginCheck isn't part of Firefox, it's a Mozilla website that can be used to check your plugins using Firefox, but can also be used in Safari, Chrome and other browsers ([https://bugzilla.mozilla.org/show_bug.cgi?id=863708 ref.]). Here is a list of all of the open PluginCheck bugs, FYI https://bugzilla.mozilla.org/buglist.cgi?component=plugins.mozilla.org&product=Websites&bug_status=__open__&list_id=10375297
guigs 1072 solutions 11697 answers

Looks like a user has taken the initiative to file a separate bug for the toolkits: [Bug 1008387 - Java Deployment Toolkit is labeled as known to be vulnerable. Use with caution. (edit) ]

Looks like a user has taken the initiative to file a separate bug for the toolkits: [Bug 1008387 - Java Deployment Toolkit is labeled as known to be vulnerable. Use with caution. (edit) ]

Question owner

Bug still occurring - did you get a reply from a Mozilla employee?

Bug still occurring - did you get a reply from a Mozilla employee?
AliceWyman
  • Moderator
240 solutions 2594 answers

You wrote, Bug still occurring - did you get a reply from a Mozilla employee?

guigs2 is a Mozilla (Helpdesk) employee. I don't know if she is going to reply further but, here's my take on this:

guigs2 referred to Bug 1008387 - Java Deployment Toolkit is labeled as known to be vulnerable. Use with caution. That bug is still open, and is about the Java Deployment Toolkit plugin being shown as "vulnerable" in the Add-ons Manager but not on the PluginCheck page. I keep the Java Deployment Toolkit plugin set to "Never Activate" (disabled) in the Add-ons Manager Plugins list, so it doesn't show up on the Mozilla PluginCheck page. The Deployment Toolkit plugin doesn't need to be enabled - see http://kb.mozillazine.org/Java#Java_Deployment_Toolkit_plugin ... which links to http://www.java.com/en/download/faq/deployment_toolkit.xml

Are you asking why Java(TM) Platform SE 7 U55 Next Generation Java Plug-in (Java 7 Update 55) is still being shown as up-to-date on the Mozilla PluginCheck page, when Java 7 Update 60 is the latest version? Or is your question more general: why can't PluginCheck be kept updated?

Java 7 Update 60 isn't a security release, like I mentioned before. Just a GUESS but maybe that's why no one has filed a bug report? I really don't know. Anyway, I don't think this is anything that Mozilla Support can answer. The best I can suggest is to submit feedback to input.mozilla.org/feedback or file a new bug report at bugzilla.mozilla.org under the Websites - plugins.mozilla.org component (you can use this form after registering at bugzilla).

You wrote, ''Bug still occurring - did you get a reply from a Mozilla employee?'' '''guigs2''' is a Mozilla (Helpdesk) employee. I don't know if she is going to reply further but, here's my take on this: '''guigs2''' referred to [https://bugzilla.mozilla.org/show_bug.cgi?id=1008387 Bug 1008387] ''- Java Deployment Toolkit is labeled as known to be vulnerable. Use with caution.'' That bug is still open, and is about the '''Java Deployment Toolkit''' plugin being shown as "vulnerable" in the Add-ons Manager but not on the [http://www.mozilla.org/en-US/plugincheck/ PluginCheck] page. I keep the Java Deployment Toolkit plugin set to "Never Activate" (disabled) in the Add-ons Manager Plugins list, so it doesn't show up on the Mozilla PluginCheck page. The Deployment Toolkit plugin doesn't need to be enabled - see http://kb.mozillazine.org/Java#Java_Deployment_Toolkit_plugin ... which links to http://www.java.com/en/download/faq/deployment_toolkit.xml Are you asking why '''Java(TM) Platform SE 7 U55''' Next Generation Java Plug-in (Java 7 Update 55) is still being shown as up-to-date on the Mozilla [http://www.mozilla.org/en-US/plugincheck/ PluginCheck] page, when Java 7 Update 60 is the latest version? Or is your question more general: why can't PluginCheck be kept updated? Java 7 Update 60 isn't a security release, like I mentioned before. Just a GUESS but maybe that's why no one has filed a bug report? I really don't know. Anyway, I don't think this is anything that Mozilla Support can answer. The best I can suggest is to submit feedback to input.mozilla.org/feedback or file a new bug report at bugzilla.mozilla.org under the Websites - plugins.mozilla''.''org component (you can use [https://bugzilla.mozilla.org/enter_bug.cgi?product=Websites&component=plugins.mozilla.org this form] after registering at bugzilla).

Question owner

Yes the bug is that it is showing a plugin as up-to-date (java v55) when it isn't (java v60 available). I don't know if it's specifically the Java one that only has the problem as it is the only one i've found to be showing incorrectly. i did read about the bug report that was referred to by guigs2 but it appeared to be about a different issue so i wondered if someone was looking at the one i found.

Yes the bug is that it is showing a plugin as up-to-date (java v55) when it isn't (java v60 available). I don't know if it's specifically the Java one that only has the problem as it is the only one i've found to be showing incorrectly. i did read about the bug report that was referred to by guigs2 but it appeared to be about a different issue so i wondered if someone was looking at the one i found.
AliceWyman
  • Moderator
240 solutions 2594 answers

richlaughlin, I would wait until you've updated to Firefox 30 (which should be released very soon) and then post back. The PluginCheck website is being reworked for Firefox 30 and that might make a difference in your results (ref.)

'''richlaughlin,''' I would wait until you've updated to Firefox 30 (which should be released very soon) and then post back. The PluginCheck website is being reworked for Firefox 30 and that might make a difference in your results ([https://bugzilla.mozilla.org/show_bug.cgi?id=956905#c136 ref].)

Question owner

ok, thank you.

ok, thank you.

Question owner

I now have Firefox 30 and the fault still exists - it is still telling me v55 is up to date when v60 is available

In fact there is another fault. It is telling me my Adobe Acrobat NPAPI Plug-inAdobe Acrobat NPAPI Plug-in is vulnerable (11.0.7.79 Update Now) but when i click on update now it just reloads the plugin check.

I now have Firefox 30 and the fault still exists - it is still telling me v55 is up to date when v60 is available In fact there is another fault. It is telling me my Adobe Acrobat NPAPI Plug-inAdobe Acrobat NPAPI Plug-in is vulnerable (11.0.7.79 Update Now) but when i click on update now it just reloads the plugin check.

Question owner

And on my XP machine i report a 3rd fault with plugin check. It is reporting a vulnerable plugin and the Update Now link is dead.

MetaStream 3 PluginnpViewpoint Plugin vulnerable 3.2.2.26 Update Now

http://www.viewpoint.com/technologies/viewpoint-media-player.shtml not found

thanks ...

And on my XP machine i report a 3rd fault with plugin check. It is reporting a vulnerable plugin and the Update Now link is dead. MetaStream 3 PluginnpViewpoint Plugin vulnerable 3.2.2.26 Update Now http://www.viewpoint.com/technologies/viewpoint-media-player.shtml not found thanks ...

Question owner

..and finally. I can report that the up-to-date issue with the Java plugin is not specific to Java, it happens with other plugins.

My Adobe Flash Player -Shockwave Flash is reporting up-to-date at version 13.0.0.214, yet when i hit the up-to-date green button, Adobe Flash Player is at Version 14.0.0.125. which is a major version behind, even if the old version is not perceived as vulnerable.

..and finally. I can report that the up-to-date issue with the Java plugin is not specific to Java, it happens with other plugins. My Adobe Flash Player -Shockwave Flash is reporting up-to-date at version 13.0.0.214, yet when i hit the up-to-date green button, Adobe Flash Player is at Version 14.0.0.125. which is a major version behind, even if the old version is not perceived as vulnerable.
AliceWyman
  • Moderator
240 solutions 2594 answers

richlaughlin, I checked the list of open PluginCheck bugs and I see that two bug reports were just filed about the PluginCheck /Firefox 30 /Adobe Acrobat issue. (Please don't add comments to bug reports unless you have something constructive to add - see Bugzilla Etiquette):

  • Bug 1023653 - Adobe Acrobat plugin on Windows detected as Mac, can't update
  • Bug 1023718 - Plugin checker for newly installed FF 30.0 shows Adobe Acrobat plugin "vulnerable" but update button just reloads plugin checker

You can follow those bugs by "voting" for them. It's very likely that the other PluginCheck bugs you noticed will be reported, now that Firefox 30 is out. You could file a new bug report yourself on the other PluginCheck issues, like I mentioned earlier, if you wish.

'''richlaughlin,''' I checked the list of [https://bugzilla.mozilla.org/buglist.cgi?component=plugins.mozilla.org&product=Websites&bug_status=__open__&list_id=10463404 open PluginCheck bugs] and I see that two bug reports were just filed about the PluginCheck /Firefox 30 /Adobe Acrobat issue. (Please don't add comments to bug reports unless you have something constructive to add - see [https://bugzilla.mozilla.org/page.cgi?id=etiquette.html Bugzilla Etiquette]): *[https://bugzilla.mozilla.org/show_bug.cgi?id=1023653 Bug 1023653] - Adobe Acrobat plugin on Windows detected as Mac, can't update *[https://bugzilla.mozilla.org/show_bug.cgi?id=1023718 Bug 1023718] - Plugin checker for newly installed FF 30.0 shows Adobe Acrobat plugin "vulnerable" but update button just reloads plugin checker You can follow those bugs by "voting" for them. It's very likely that the other PluginCheck bugs you noticed will be reported, now that Firefox 30 is out. You could file a new bug report yourself on the other PluginCheck issues, like I mentioned earlier, if you wish.
AliceWyman
  • Moderator
240 solutions 2594 answers

P.S. Regarding your last comment, My Adobe Flash Player -Shockwave Flash is reporting up-to-date at version 13.0.0.214, yet when i hit the up-to-date green button, Adobe Flash Player is at Version 14.0.0.125. which is a major version behind, even if the old version is not perceived as vulnerable.

Adobe Flash Player version 13.0.0.214 IS vulnerable and you should update to version 14.0.0.125 - see Adobe's security bulletin:

http://helpx.adobe.com/security/products/flash-player/apsb14-16.html Security updates available for Adobe Flash Player Release date: June 10, 2014

P.S. Regarding your last comment, ''My Adobe Flash Player -Shockwave Flash is reporting up-to-date at version 13.0.0.214, yet when i hit the up-to-date green button, Adobe Flash Player is at Version 14.0.0.125. which is a major version behind, even if the old version is not perceived as vulnerable.'' Adobe Flash Player version 13.0.0.214 IS vulnerable and you should update to version 14.0.0.125 - see Adobe's security bulletin: http://helpx.adobe.com/security/products/flash-player/apsb14-16.html Security updates available for Adobe Flash Player Release date: June 10, 2014

Question owner

ok i'll keep an eye on those 2 bug reports and attempt to add one for the up-to-date being falsely reported.

regarding the Adobe Flash Player, that is a different bug again if a vulnerable plugin is not being reported as opposed to the java one which is not vulnerable but just out-of-date - i'll try to add one for that too

ok i'll keep an eye on those 2 bug reports and attempt to add one for the up-to-date being falsely reported. regarding the Adobe Flash Player, that is a different bug again if a vulnerable plugin is not being reported as opposed to the java one which is not vulnerable but just out-of-date - i'll try to add one for that too

Question owner

how do i vote for a bug?

how do i vote for a bug?
AliceWyman
  • Moderator
240 solutions 2594 answers

You can vote for the bug by clicking the "vote" link as shown in the screenshot I've attached.

By the way, the Adobe Acrobat plugin bug is new in Firefox 30. I don't see it in Firefox 29.0.1 (I have both Fx 29.0.1 and Fx30 installed on my Windows 7 computer, in different folders)

The Adobe Flash plugin detection problem, where Flash 13.0.0.214 is seen as up-to-date on he PluginCheck webpage, is the same for me in Firefox 29.0.1 and Firefox 30. I'm sure that will be updated soon since Adobe's Flash Player security bulletin was just released yesterday.

You can vote for the bug by clicking the "vote" link as shown in the screenshot I've attached. By the way, the Adobe Acrobat plugin bug is new in Firefox 30. I don't see it in Firefox 29.0.1 (I have both Fx 29.0.1 and Fx30 installed on my Windows 7 computer, in different folders) The Adobe Flash plugin detection problem, where Flash 13.0.0.214 is seen as up-to-date on he PluginCheck webpage, is the same for me in Firefox 29.0.1 and Firefox 30. I'm sure that will be updated soon since Adobe's Flash Player security bulletin was just released yesterday.

Question owner

I have created bug reports 1023835 and 1033838 to go with the two already created and voted on all.

Yes i agree the Adobe Acrobat plugin bug is new in Firefox 30.

I have created bug reports 1023835 and 1033838 to go with the two already created and voted on all. Yes i agree the Adobe Acrobat plugin bug is new in Firefox 30.
AliceWyman
  • Moderator
240 solutions 2594 answers

I updated the bugs you filed, 1023835 (on Java) and 1023838 (on Flash). Thanks so much for filing them!

I updated the bugs you filed, [https://bugzilla.mozilla.org/show_bug.cgi?id=1023835 1023835] (on Java) and [https://bugzilla.mozilla.org/show_bug.cgi?id=1023838 1023838] (on Flash). Thanks so much for filing them!

Question owner

I have also created a bug report for the vulnerable plugin with an 'update now' dead link #1023889

I have also created a bug report for the vulnerable plugin with an 'update now' dead link #1023889