Java exploits percolate

Is having Java installed on a system a security risk?

  • Yes

    Votes: 9 81.8%
  • No

    Votes: 2 18.2%

  • Total voters
    11

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,379
In this webcast, Kurt Baumgartner talks about the rise of exploits against vulnerabilities in Oracle’s Java software. The discussion centers around the exploitation of Java vulnerabilities in exploit kits and the poor state of patching on the Windows platform.



Other related articles :

Kaspersky Labs said:
New Exploit Targeting Java Vulnerability Found in BlackHole Arsenal

On 3 December, we noted a rapid growth in the number of detections for exploits targeting the vulnerability CVE-2011-3544 in Java virtual machine. The vulnerability was published on 18 October, but malicious users have only recently begun to make active use of it. It can be used by exploits in drive-by attacks to download and launch malicious programs.
648.jpg

According to KSN data, most of the exploits targeting CVE-2011-3544 are used in the BlackHole Exploit Kit, which is currently the most popular exploit pack.

We analyzed the latest BlackHole kits. The sites that carry out drive-by attacks with the help of BlackHole turned up quite an old exploit – a PDF file that targets the vulnerability CVE-2010-0188, and a new Java exploit targeting the vulnerability CVE-2011-3544. The corresponding files are circled in red in the screenshot below.

649.jpg


Read more>>
 
Last edited:

MrXidus

Super Moderator (Leave of absence)
Apr 17, 2011
2,503
Un-installed Java months ago. I just don't trust it enough to be on my system.

If I need to use something that requires Java, Into VMWare it goes.
 

Tom172

Level 1
Feb 11, 2011
1,009
I had to use Java throughout a course I was doing, now that I no longer have a use it will be promptly removed.
 

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,379
Java is a very targeted software however I do believe that most exploits are possible due to the fact that people don't install the Java Updates when they are available............
 

Tom172

Level 1
Feb 11, 2011
1,009
That's true, though I have kept my Java up to date while it was installed I still came across traces of malware in the Java cache. So keeping it updated will help but still there are risks.
 
I

illumination

I just cleaned a computer for a friend two nights ago, and almost every infection on it was Java exploits.. I personally do not run it on my system, and advised them not to after cleaning...
 

Hungry Man

New Member
Jul 21, 2011
669
Having anything installed is a security risk but Java especially so since
1) It's constantly used to connect to the web
2) The updater is iffy
3) Oracle is awful
4) Java is incredibly tempting to attack because it's compiled code and incredibly portable (I can hit OSX and Windows with one Java exploit)

Honestly, if Oracle wasn't so damn awful Java would be great. If you use a separate Java VM (linux, Android both do) you stop seeing these ridiculous sploits every other day. Java as a language is very secure, the issues are all in the VM.
 

McLovin

Level 78
Verified
Honorary Member
Malware Hunter
Apr 17, 2011
9,228
I've had Java installed for a while and have had no problem with it. I had done the same as Tom using it for the course that I user to do at TAFE, but after kept it installed and had no problem. Also it depends on what websites you go to, if you go to websites that are safe and the AV you are using says it is safe well then your safe. Plus if there is an alternative that I can use for Minecraft, because Java is used for Minecraft and you don't have that installed then no Minecraft I would use it but until that happens I'll keep it installed.
 

Viking

Level 26
Verified
Honorary Member
Top Poster
Well-known
Oct 2, 2011
1,559
It is also a good idea if you uncheck: "Keep Temporary files on my computer" in the java settings.
 

Littlebits

Retired Staff
May 3, 2011
3,893
Anything on your system that has the ability to connect to the web is a security risk.
Browsers, messengers, email clients, plugins like Java, Flash and Shockwave, media players and even security products themselves have vulnerabilities that can be exploited.

Keeping everything updated and Microsoft Updates will decrease the chance of attacks.
Also keep in mind most attacks don't target home users in general but in some cases can.

I depend on Java to run some of my programs, so I will be keeping it.

I don't personally agree that the exploits are that common on updated versions.

Thanks.:D
 
I

illumination

Littlebits said:
I don't personally agree that the exploits are that common on updated versions.

Thanks.:D

I agree with this... The friend i helped needed updates for everything, after cleaning their system, i talked to them about it, they have become so afraid to click anything for fear of messing up their system, that they were not updating anything.. I have found this is a common problem.. I personally have no need for Java on my system so do not use it... and after finding out what all my friend does on the net, advised them to remove it also, as they did not need it.. In this case, it was simple, if not installed, will not be a vulnerability...
 

Gnosis

Level 5
Apr 26, 2011
2,779
I thought that Java was very useful (when kept updated) in preventing buffer overrun, which is a very important exploit for Rootkit installers/illegitimate hackers.
 

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,379
The past two weeks on MDL almost all the links lead me to a Java exploit ( Blackhole exploit kit control panel).... The guys for F-Secure have a very good tip : ditch Java if you don't need it or go use Chrome :

F-Secure said:
Java Considered Harmful

Do you need Java in your web browser? Seriously, do you? If not, get rid of it.

Turns out, most users don't need Java any more, yet people keep running it.

Do not confuse Java with JavaScript: it's hard to use the web without JavaScript. But JavaScript has nothing to do with Java.

The risks of Java are nicely illustrated by the recent Java Rhino vulnerability (aka CVE-2011-3544). If you're running Java, but not the latest version, you're vulnerable. So either you have to check at all times that you have the latest version of Java — or get rid of it altogether.

And the Java Rhino vulnerability is not theoretical: the most common exploit kits have incorporated this vulnerability in their default exploits, and it seems to be working very well for the online criminals.

Here's a sample screenshot from a Blackhole exploit kit control panel. In this picture we can see 16,144 computers which were taken over with the CVE-2011-3544 vulnerability.

[........................]


Also note that Chrome has been doing a good job in sandboxing or otherwise securing risky add-ons and extensions. Many Java exploits do not work against Chrome. Also, Chrome does not use an Adobe Reader plugin to render PDF files. This is good news, as Chrome is quickly becoming the most common browser on the planet.
Read more >>>
 

Attachments

  • 1.png
    1.png
    146.7 KB · Views: 495

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
For anyone using Java its really a must to update for the latest version as only the sole solution to clear out the vulnerabilities, beside of the AV you used to protect against exploit.
 

moonshine

Level 7
Verified
Apr 19, 2011
1,264
I don't mean to bother you but you can use the version 7 of Java, I'm using it myself.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top