|
Java infection
Just a heads up to say that I've come across several examples on forums recently of adverts being posioned by trojans using the recently found Java exploits. It looks like they've become very common in the last week - an explanation of the background is here
Oracle rushes out patch for critical 0-day Java exploit ? The Register Most of the ones I've seen have been incorporated into infections created using the Blackhole build-your-own-virus kit. You can block the exploit by downloading and installing the latest version of the Java VM from java.com: Java + You The version you need is "Java Runtime Environment 7 Update 7" (or later) If you already have that installed then thats OK. If you have any other version, uninstall it (if you have multiple versions remove them all) and then install the new version. Some machines will auto-update, but a lot won't. This is a real risk and I've seen it on a number of forum sites. I've told the admins on each one but theres not a lot that can be done - users need to make sure their machines are secure. If you want to see an example of the havoc this vulnerability can create, read Thanks ever so much Java, for that biz-wide rootkit infection ? The Register Among other things, this exploit is also being used in another industrial espionage attack aimed at Defence Contractors Chemical biz 'Nitro' hackers use Java to coat PCs in poison ivy ? The Register |
As a further caveat, 'El Reg' announced that the 'rushed-out' patch by JAVA had in fact been 'rushed out' too quickly and was flawed! Happy days.
|
'El Reg' announced that the 'rushed-out' patch by JAVA had in fact been 'rushed out' too quickly and was flawed! Happy days. |
mmmm
Last week my MSE scan picked up 7 of these infections, and removed them,
yesterday's scan found nowt, and I did the Java update. I do scan with Malwarebytes as well after MSE |
Mmm . . . worrying. I found I couldn't get rid of Java to start a clean install. What's more, some check they offered said mine was running correctly despite not being able to find it anywhere on the computer.
I'd deleted every folder I could find after the Programs and Features refused to do the job. Was ver 6.0.240 When I tried to remove it the proper way, the 94mb bit of detritus gives me: Error 1723 something about a DLL missing to INSTALL the program while I'm trying to rid myself of it. I wasted more time than I could afford, then abandoned Java. |
install the 30-day trial version of this and see if it can rip it out
Revo Uninstaller Pro - Uninstall Software, Remove Programs easily, Forced Uninstall otherwise may have to resort to the installer cleanup tool from Microsoft - but thats been officially withdrawn as it has issues with Vista and Win7 Which version of Windows have you got? |
I'm on W7 Pro
I have to be very careful, not only with my time, but with this machine. I'm on the last leg of the first book, and using the other machines, just for the next few weeks, would be tedious. So, if it's a threat, I'll have to do it, but it was weeks ago I tried to update Java, and haven't once missed it . . . yet. |
NATS AFPEx no longer works on J7
Only works on my laptop which remains on J6v23 |
I'm seriously tempted to tell my customers to remove it completely
Only real downside I can see is that it would stop Open Office / Libre Office working |
Milo, by that, do you mean remove Java completely?
I haven't bothered to load Open Office on this one, so I would just have to clean up the detritus at a convenient moment. I'm hoping the sheer time this has been lingering is an indicator it's inert. |
Milo, you say the trojans are being snuck in via adverts. What effect does running ad blockers have, if any?
|
Rivits
thats exactly what I mean How often do people actually need to run Java programs? Not often. There aren't that many low-level Java apps in the real world - except for downloable games and such like. Possibly better to remove it and remove the risk And before anyone asks - you don't need the Java VM to run Javascript - thats something completely different KBPSen I've only seen the infection when using machines which use IE as web browser, so no real Ad-Blocking capabilty other than the antivirus software (Avast on my laptop) On my other machines - which run Firefox with No-Script and Adblock Plus I've seen nothing. However that could be coincidence -or due to other protection on those machines (they are well locked down) Interestingly the initial responses from the Avast forums were that these were false positives - but that was before they were aware of the full implications - and spread - of the problem. The infections started appearing before the information was made public |
Makes me very glad I rolled back to 1.6 after having application problems with 1.7 as discussed here in June - http://www.pprune.org/computer-inter...pping-out.html
SD |
Originally Posted by unclenelli
(Post 7400504)
NATS AFPEx no longer works on J7
Only works on my laptop which remains on J6v23 |
As v7 also killed my access to the SDR at http://websdr.ewi.utwente.nl:8901/?volume=0# I've rolled back to v6.
|
| All times are GMT. The time now is 07:29. |
Copyright © 2026 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.