Not really a question, but more of a suggestion. We have a lot of enterprise applications that use java (a hundred or so). Since the new update ( 7 update 51 ), we are now finding out we have to add tons of sites to the Java Exception List because the Jar Manifest aren't updated with the required permissions attribute. We also have all the websites that we host at our enterprise on the Internet Explorer Trusted Sites list. My comment to this, why didn't they program java to have an option that would look to see if the site is trusted, and if it was, bypass the check for the permissions attribute, and if it isn't in the Trusted Sites, then and only then, you need to add the site to the Java Exception list. Since we already considered it trusted in IE, we obviously found it to be trusted in Java. Just my two cents. We are finding our-self doing double the work because of this new update. It's a great idea to check, but if we can bypass the check in the control panel, why can't we get an option to bypass it if the url is in the trusted sites list?