Critical 0-Day Java Bug "Massively Exploited"

Discussion in 'other security issues & news' started by Mman79, Jan 10, 2013.

Thread Status:
Not open for further replies.
  1. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    2,567
    Location:
    Canada
    I never notice it before?? And the source I quoted above even states it was added. Oh well... "shrugs".
     
  2. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    2,567
    Location:
    Canada
    *Sigh* well I'm sure having trouble finding malware on all those sites you've listed :( even going as far as disabling the script blocker in Chrome, then clicking on all kinds of stupid ads hoping for something interesting but, alas, nothing materializes, other than the occasional "are sure you want to leave this page... pop-ups and the firewall sometimes alerting Chrome attempting to connect to remote port 8080 ( what was that about application firewalls being useless? ), which I allow temporarily but nothing interesting again.

    I know Hungry asserts if it's expected it won't happen, but then we would all only have to "expect" malware to happen then that's all we'd need to do to avoid it :D
     
  3. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,263
    Location:
    USA
  4. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    The sites are not compromised, these are just sites where ads have attacked recently. Ebaumsworld I got 2 0hour samples from yesterday but I let the site rotate ads for more than 48 hours. If you want an exploit that simply kicks on on page render you need to find a site that is itself compromised.

    PM me if you want the last 2 samples I pulled from ebaumsworld, they are both still quite fresh.
     
  5. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,989
    Location:
    California
    Hello Bruce,

    I've never gotten to such a site during normal surfing in all of my years on the 'Net! I usually have to find a site that someone else has discovered.

    Another thing, as we discussed recently, the hosted sites with the Exploit Kits (the sites the victims are redirected to from a compromised page) are going down very quickly, due to two factors, which may be of interest to others:

    1) web hosts are removing the sites quickly when notified

    2) "fast flux" enables the cybercriminals to quickly change the IP addresses.

    So, it's rare to find a site listed on some of the malware domain lists that is still active! This makes it more difficult for security people to analyze the code on their sites. You have to be quick on the draw to follow their activities these days!


    regards,

    -rich
     
    Last edited: Jan 15, 2013
  6. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    2,567
    Location:
    Canada
    Tell me about it :(
     
  7. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,200
    Location:
    Pennsylvania.
    I'm guessing sandboxie with restrictions on running/internet privileges will be pretty good against this right?
     
  8. Wild Hunter

    Wild Hunter Former Poster

    Joined:
    Oct 13, 2012
    Posts:
    1,375
  9. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    New Java Exploit Fetches $5,000 Per Buyer
    Article
     
  10. sooflymami

    sooflymami Registered Member

    Joined:
    Feb 21, 2008
    Posts:
    371
    I heard Java 11 is out now. Should I update it to the 11? If I do that, do you think everything will be safe when enabled? Also, if I browse on sandboxed mode, will I be protected from this?
     
  11. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,200
    Location:
    Pennsylvania.
    I see the new version updates the security from medium to high.
     
  12. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Java 11 is still vulnerable to an exploit being sold and distributed to exploit kits.

    Yes, you should still update.
     
  13. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,955
    As long as the exploits can't override both Chrome's and Java's prompts and force an execution, then I won't worry too much. If they can do that, then maybe I should uninstall it...
     
  14. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    It's Time to Banish Java from Your Computer
    Instead of worrying about the security threat posed by Java, simply get rid of it. Chances are you won’t miss it. Here are steps you can take to kill Java from your PC.
    Article
     
  15. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Malware Poses as an update for Java 0-day fix...
    Article
     
  16. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,822
    I don't have Java installed on my system, so that takes care of that risk. Now, if I did have Java installed, EXE Radar Pro using Lockdown mode would take care of that no problem....at least I seem to think so.
     
  17. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    4,164
    Indeed, Java is just bad news. Time to ditch it folks.

    Java - Just Another Vulnerability Announcement. :p
     
  18. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,822
    HaHa, I like that :D
     
  19. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    77,512
    Location:
    Texas
    http://arstechnica.com/security/2013/01/critical-java-vulnerabilies-confirmed-in-latest-version/
     
  20. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,909
    Location:
    USA
    I am inclined to agree, 2 years is a long time to wait for a bullet proof version.
     
  21. chrisretusn

    chrisretusn Registered Member

    Joined:
    Jun 16, 2004
    Posts:
    1,401
    Location:
    Philippines
    You will never see a bullet proof version; of Java or anything else.

    It's like any other software, If you don't need it, why installed it in the first place?

    If you need it keep it. Just patch it, when they come out with them. I am not about to ditch it. It is quite useful to me and that is all that counts.
     
  22. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
  23. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  24. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,200
    Location:
    Pennsylvania.
    I am having a bit of trouble finding the java program to check if auto update is on for soofly's computer. Is there an update button there or do we have to uninstall the old one and install the new one?
     
  25. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,955
    You can just install the new one, and it will uninstall the old one automatically.
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.