Stop java 6 from updating
The initial release of flags older versions of Java that are known to be unsafe; Microsoft says over time it will add other outdated and potentially dangerous Active X controls to the list.With this update installed, all supported versions of Internet Explorer (IE 8 through 11 on Windows 7, and Internet Explorer for the desktop on Windows 8) will check the server-side block list whenever they encounter an Active X control on a web page.Some examples: You can add a Custom Action (1122) to your Transform file, where you run this command: /C rmdir “%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\Java” /S to remove the Start Menu shortcuts.In the Install UIExecute Sequence table you set the Sequence ID of this Custom Action to ‘3183’.
Most settings you will change by using this utility will then be stored in the registry in [HKEY_LOCAL_MACHINE\SOFTWARE\Java Soft].
For the initial release, this new feature takes dead aim at the single most dangerous Active X control of all: Java.
Through the years, Java has been a favorite target of malware writers, who know that Windows PCs and Macs are likely to be running an outdated Java version.
Active X controls, which expand the capabilities of Internet Explorer in useful but also potentially dangerous ways, have been a headache for Windows users for more than a decade.
Improvements in the design of Active X have progressively reduced its attack surface; the new framework provides a way to ensure that attackers can’t target known vulnerabilities in Active X controls that are installed but not updated to the most recent version.
They’ve even automated the process, using exploit kits on booby-trapped web pages to install malware in drive-by attacks on systems with outdated Java versions.