The Java Deployment Kit can be used to force the use of a down-rev vulnerable version of Java if it's installed and even prompt for its installation (which a large number of users will fall for, even if a small percent). It's an enterprise feature and an enterprise-managed deployment of Firefox can serve their own blocklist. On the consumer web applets should work in the latest security-fixed versions of Java. If they are so large that won't work then they are applications, not applets, and should have the user install them as they would any other executable.
-Dan Veditz _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform