A New Java Flaw

Java 1.6 update 20 is available >>> update from the control panel applet, otherwise that won’t remove the 19 version (many java versions can be installed at the same time :slight_smile: ).

download here: http://www.java.com/en/ but again, better off with the integrated updater.

read this here:
http://blogs.zdnet.com/security/?p=6161&tag=content;col2

I’m really not sure that update 20 solves the problem. Secunia scan says it’s OK but that doesn’t mean anything because they probably haven’t analysed the patch yet.

warning: I just found that update 19 plugins were still present in all browsers after the update to “20” >>> way out: remove Java completely and reinstall from scratch with the download (yeah, that’s the opposite of what I said before).

update 20 details here:
http://java.sun.com/javase/6/webnotes/6u20.html

Thanks Logos :wink:
That has removed the old update 19 plugins

Cheers

@Logos: Thanks for keeping us up to date on this…! :slight_smile:

Yes, thanks for keeping tabs on this, Logos. I re-enabled 6u19, uninstalled with Revo, and installed 6u20. All is well now. :slight_smile:

you’re welcome people :wink:

I got this just now

Firefox has blocked this

http://i39.tinypic.com/33m5pqe.png

@ Chris Thomas: that’s the whole point of this thread; uninstall Java from your system (you’re running vulnerable versions - 18&19 :wink: ) and install the new one. Also, check your plugins folder in Mozilla program file folder and remove npdeployJava.dll as it will still be there after the uninstall of the old version (do that before installing the new one).
Firefox blocked your old and unpatched Java after a plugins check.

edit: maybe you actually already uninstalled the old version(s) and installed the new one. Then the alert just comes from the fact that you didn’t manually delete the old Java deployment files in the said Firefox plugins folder.

I also use JavaRa

JavaRa is a simple tool that does a simple job: it removes old and redundant versions of the Java Runtime Environment (JRE). Simply select “Check for Updates” or “Remove Older Version” to begin. JavaRa is free under the GNU GPL version two.
http://raproducts.org/javara.html

Fixed ;D

I never do an on-line install of JAVA, I always download the off-line installation file.

You don’t have to uninstall the old version of JAVA, from some time ago the JAVA update removed the old version.

What you most certainly ‘have to do’ is to close all browsers before running the JAVA update/installation, I have done that for a while now and the old JAVA plug-in isn’t seen in firefox, see image. A search for npdeployJava.dll also reveals file not found, so it is removing that if it was present.

So I don’t know why this is happening to you

@ David

I thought I had updated. But your above post made me recheck the version and it was still 19. I was so careless to have believed that I updated to version 20. But I did an update from the inbuilt updater. But I don’t know how come it is still version 19.

I did an offline install and it is now version 20

I also didn’t quote Logos fully.

Now it is really fixed

happened to me too, browsers closed :wink: >>> after an online update, remnants of the old version were still there in program files as well as plugins in browsers. But you may be right about the behavior of the full install file. The issue is also that Java doesn’t mind several versions installed at the same time. I don’t know why they allow that, guessing here that any version is backward compatible with sites running older versions…just guessing.

a. I also use the downloaded installer, as I blocked all java updates at first.
b. True, but somehow seems not to work with the 6.20 update…
maybe because it’s an out of order quick-fix…??
asyn

https://bugzilla.mozilla.org/show_bug.cgi?id=558584

Check the version number of your Java Deployment Toolkit plugin for Firefox, which should be 6.0.200.2.

http://img519.imageshack.us/img519/4715/firefoxplugins.th.gif

As in Chris Thomas’ case, on one of our PCs, java failed to update itself properly. If you don’t have the proper version, try uninstall/reinstalling the update manually or JavaRa, which should solve the problem.
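
The plugin check described in the posts above, as an added example that is not part of the original thread: a PowerShell script that looks for leftover Java Deployment Toolkit plugin files and compares their file version against the 6.0.200.2 quoted above. The default Firefox plugin folders and the `npdeployJava*.dll` wildcard (to catch numbered variants of the file named in the thread) are assumptions; the script only reports and deletes nothing.

```powershell
# Added example: report Java Deployment Toolkit plugin files left in browser
# plugin folders and flag any older than the version quoted in the thread.
param(
    # Assumed default Firefox plugin folders; pass -Roots to search elsewhere.
    [string[]]$Roots = @(
        "$env:ProgramFiles\Mozilla Firefox\plugins",
        "${env:ProgramFiles(x86)}\Mozilla Firefox\plugins"
    ),
    # Plugin version the thread gives for update 20.
    [version]$Expected = '6.0.200.2'
)

function Get-DeployToolkitPlugin {
    param([string[]]$Path, [version]$Minimum)
    foreach ($root in $Path) {
        # Skip roots that do not exist (e.g. no x86 folder on 32-bit Windows).
        if (-not (Test-Path -LiteralPath $root)) { continue }
        Get-ChildItem -LiteralPath $root -Filter 'npdeployJava*.dll' -Recurse -ErrorAction SilentlyContinue |
            ForEach-Object {
                # Build a comparable version from the numeric file-version fields.
                $vi  = $_.VersionInfo
                $ver = [version]('{0}.{1}.{2}.{3}' -f $vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart)
                [pscustomobject]@{
                    Path    = $_.FullName
                    Version = $ver
                    Status  = if ($ver -lt $Minimum) { 'STALE' } else { 'OK' }
                }
            }
    }
}

$found = @(Get-DeployToolkitPlugin -Path $Roots -Minimum $Expected)
if ($found.Count -eq 0) {
    Write-Output 'No Java Deployment Toolkit plugin files found under the given roots.'
} else {
    $found | Format-Table -AutoSize
    $stale = @($found | Where-Object { $_.Status -eq 'STALE' })
    if ($stale.Count -gt 0) {
        Write-Warning ("{0} stale plugin file(s): close all browsers, then remove them or reinstall Java." -f $stale.Count)
    }
}
```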

I got hit with a java trojan on my other laptop. The bugger went right thru AVG and wiped out all the bookmarks in IE8 and FF3.6. I just got Avast 5 pro and installed it on all 3 of my puters. Mine is Windows 7, the desktop is XP and the infected laptop is Vista. Once Avast was installed and updated I did a Boot scan and deleted the trojan. Now all the bookmarks are back in IE8. I have not checked FF3 but I assume they’re also back. Avast rocks. AVG let it right on thru. Oh well I guess you can’t catch them all.