Friday, April 17, 2015

Security Updates: The Delicate Balance....

As users of technology, we rarely see the tug-of-war that goes on behind the scenes attempting to balance security vs accessibility.  It's usually not until a feature "stops working" until we notice this struggle.

Earlier this week, a long-planned security update to the Google Chrome browser was introduced in the latest "stable" version of Google Chrome (version 42).  Chrome BETA users got this update earlier this winter.  The security update adjusted the default security settings to disable an antiquated way for your web browser to launch additional plugins (like JAVA - required for Banner users).  As per the Google Chrome development team, "NPAPI’s 90s-era architecture has become a leading cause of hangs, crashes, security incidents, and code complexity".

ITS has been monitoring developments related to this major change.  An interim solution has been developed and communicated to the campus community.  We are continuing to explore a permanent solution to this issue as other web browsers have introduced plans to follow the same path as Google Chrome.

SOLUTION:
The following link explains how to re-enable the NPAPI plugin required for JAVA after a Google Chrome update.  Banner users will need to complete these steps (or work with ITS) if they are affected by this issue:
https://manhattan.teamdynamix.com/TDClient/KB/ArticleDet?ID=5096

Users still experiencing issues accessing Banner from Google Chrome should contact ITS Client Services.



2013 Announcement of NPAPI end of support:
https://blog.chromium.org/2013/09/saying-goodbye-to-our-old-friend-npapi.html