Download the attached SametimeJava7u45.PDF for the full paper by Raymond (R.R.) Horback; below is just the introductory paragraphs and outline.
Oracle’s latest release of Java (Java Version 7 Update 45) is proving to be very disruptive to
users of Java Applets in general.
The addition of new security features, security-related Jar manifest attributes and the increase
of the “Java Security Baseline” (to Java 7u45) combine to create a difficult user experience for
users attempting to share their screen in Sametime-based meetings (SmartCloud, Sametime &
This document will describe these new security features, how they impact present versions of
the product, available hot-fixes to address these issues and IBM’s general recommendations for
customers regarding Java.
New Java 7u45 Security Features:
1. Enforcement of the “Permissions” Jar Manifest Attribute
2. Introduction of the “Caller-Allowable-Codebase” Jar Manifest
3. Introduction of the “Application-Name” Jar Manifest Attribute
4. The “Java Security Baseline” has been increased to Java Version 7
How The New Security Features Impact Sametime Meetings:
1. The “Caller-Allowable-Codebase” and “Trusted-Library” attributes
2. JVM’s below the Security Baseline disable “LiveConnect” on the
default Security Level setting
Oracle and the Browsers are Serious About Users Staying
Current with Java - IBM Customers should be too
Sametime Meetings Hot-Fixes and User Experience
IBM Recommendation for Customers
History of Java 7 Versions and Security Features