- Homeland Security warns to disable Java amid zero-day flaw
The Java 7 vulnerability is for client side machine so the SuccessFactors server is not affected. Bizx does use client side technology which requires the Java runtime environment. So, client user CANNOT simply disable their Java runtime environment. In addition there are lots of similar vulnerabilities reported recently. There may be more reported in near future. So, just waiting for a patch from the vendor is not a solution.
Here is a suggested solution (this is for IE browsers, other browsers also have similar functionalities):
1. disable Java applet running in Internet Zone
set following entry value in register table:
set 1C00 in following as 00000
2. Add the SuccessFactors site to IE Trusted Sites
go to Internet Properties -> Select Security Tab -> Select Trust Sites -> click Sites button -> in the popup panel, add SF to trusted sites e.g.: https://performancemanager4.successfactors.com
After the browser is configured like this, only the applet from trusted sites will get loaded automatically.
KBA , LOD-SF-PLT , Foundational Capabilities & Tools , How To