 StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 | reply to jabarnut
Re: Warning: 0-Day vulnerability in Java 7 Yes well you're "Light Years Away" 
--
Don't feed trolls--it only makes them grow! |
|
|
|
 jabarnutLight Years AwayPremium,MVM
join:2005-01-22
Galaxy M31
kudos:2 | Correct.  |
|
 trparkyApple... YUMPremium,MVM
join:2000-05-24
Cleveland, OH
kudos:2 | Guess that the guys behind Java had an "Oh shit!" moment and thought that maybe, just maybe, this deserved an out-of-band update contrary to their normal standard operating procedures. |
|
jabarnutLight Years AwayPremium,MVM
join:2005-01-22
Galaxy M31
kudos:2
1 edit | I hear you...and their "standard operating procedures" were not too often for sure.
Glad they were on top of this one.
--
I had a life once.....now I have a Computer and a Modem. |
|
StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 Reviews:
 ·CenturyLink
| said by jabarnut:Glad they were on top of this one.
Hopefully someone here will "take one for the team" and will visit a known exploit site. Then we'll know for sure if Oracle "did good".
--
Don't feed trolls--it only makes them grow! |
|
jabarnutLight Years AwayPremium,MVM
join:2005-01-22
Galaxy M31
kudos:2 | Excellent suggestion! And since you're the one who suggested it, you're elected.
--
I had a life once.....now I have a Computer and a Modem. |
|
StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 Reviews:
·CenturyLink
| Thank you for your kind offer but I respectfully decline 
For whatever reason there have been a ton of software/firmware updates (for software I use) today. It's been non-stop.
--
Don't feed trolls--it only makes them grow! |
|
jabarnutLight Years AwayPremium,MVM
join:2005-01-22
Galaxy M31
kudos:2 | Lol..no problem, Stuart. Hell, I don't want to test it either.
I'll do what I usually do. Just sit around and observe, and see if anyone else has problems in the near future.
--
I had a life once.....now I have a Computer and a Modem. |
|
StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 Reviews:
·CenturyLink
| Well this old Lemming has seen others (and even tried when younger) "jump" but now prefers to watch the less wise do so
--
Don't feed trolls--it only makes them grow! |
|
 siljalineI'm lovin' that double widePremium
join:2002-10-12
Montreal, QC
kudos:17 | reply to chachazz
ACK |
|
siljalineI'm lovin' that double widePremium
join:2002-10-12
Montreal, QC
kudos:17 Reviews:
·Bell Sympatico
| reply to siljaline
These posted in the ARS Article or this via Brian Krebs, should get everyone patched that needed patching. |
|
 DrStrangeTechnically feasiblePremium
join:2001-07-23
West Hartford, CT
kudos:1 | reply to chachazz
Thanks. Emergency deployment begins tomorrow AM. |
|
| reply to siljaline
Ta.
Download: »www.oracle.com/technetwork/java/···dex.html |
|
 Name GamePremium
join:2002-07-07
North Myrtle Beach, SC
kudos:7 | reply to Mele20
said by Mele20:Opera is as bad as Mozilla. I am not allowed to use version 6 on it.
No wonder I use IE8 more these days...I'm forced to as version 6 works fine on it.
With the update today...you can still get a version 6 that they have available and it is patched also for the problem.
posted that info here.
»Re: Java 7 update7 released today to patch zero day vulnabilty
--
Gladiator Security Forum
»www.gladiator-antivirus.com/
|
|
 Dude111An Awesome DudePremium
join:2003-08-04
USA
kudos:11
1 edit | reply to Name Game
Thats a good test!!!
Thank you... I find JAVA works better than flash! (Not as CPU intensive,etc)
EDIT:
It says my DL speed is 1.98Megs which i think is way off!!
I think the results from this one are more accurate
»www.computers4sure.com/speed.asp
Says my DL is 2386k |
|
StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 Reviews:
·CenturyLink
| said by Dude111:I think the results from this one are more accurate
Not for me. It told me 2740.1 Kbps which is way low.
I typically get 10.3Mbps from this site.
»www.speedtest.net
Even C/Net's test gave me 7,333Kbps.
»webservices.cnet.com/bandwidth/
--
Don't feed trolls--it only makes them grow! |
|
siljalineI'm lovin' that double widePremium
join:2002-10-12
Montreal, QC
kudos:17 | reply to norwegian
Re: Warning: 0-Day vulnerability in Java 7 Ta, norwegian  |
|
mysecPremium
join:2005-11-29
kudos:4 | reply to jabarnut
said by jabarnut:Glad they were on top of this one.
Oracle knew about currently exploited Java vulnerabilities for months, researcher says
»www.techworld.com.au/article/435···er_says/
Oracle knew since April about the existence of the two unpatched Java 7 vulnerabilities that are currently being exploited in malware attacks, according to Adam Gowdiak, the founder and CEO of Polish security firm Security Explorations.
Security Explorations reported 19 Java 7 security issues to Oracle on Apr. 2. Those issues included the two zero-day -- unpatched -- vulnerabilities that attackers are exploiting to infect computers with malware, Gowdiak said Wednesday via email.
According to a status report received on Aug. 23 from Oracle, the company was planning to fix the two vulnerabilities in its October Critical Patch Update (CPU), together with 17 other Java 7 flaws reported by Security Explorations, Gowdiak said.
Oracle releases security patches every four months. The last Java CPU was released in June and only addressed 3 of the security issues reported by Polish security firm.
"Although we stay in touch with Oracle and the communication process has been quite flawless so far, we don't know why Oracle left so many serious bugs for the Oct. CPU," Gowdiak said.
Oracle did not immediately return a request for comment regarding the vulnerability reports received from Security Explorations.
----
rich |
|
mysecPremium
join:2005-11-29
kudos:4 | reply to SipSizzurp
said by SipSizzurp:I would assume that my Faronics Anti-Executable would deny execution of the malicious code, but would my Anti-Executable also interfere with legitimate Java activity ? ( sorry for the hijack...)
I have JAVA whitelisted for just one site, and Anti-Executable doesn't interfere at all, because in legitimate JAVA activity, a non-whitelisted executable doesn't come into the picture, so there is nothing for Anti-Executable to alert to.
----
rich |
|
mysecPremium
join:2005-11-29
kudos:4 | reply to StuartMW
said by StuartMW:Hopefully someone here will "take one for the team" and will visit a known exploit site. Then we'll know for sure if Oracle "did good".
IMHO, a better test of my security would be to see if protection in place would prevent the exploit from running, without a patch in place.
If my security includes whitelisting plugins per site, then the exploit doesn't run if I am redirected to, or otherwise hit upon a booby-trapped site not white listed.
Below, the source code shows the malicious JAR file but it can't execute if the plugin is not enabled, so the page just sits there and does nothing:
This is reinforced from that JAVA check site:
(Newer versions of browsers include the option to be notified anytime a plugin is asked to run. This will alert to any attempt to exploit a plugin by remote code execution -- aka "drive-by")
Finally, as another poster mentioned, these exploits download a binary executable file, so, protection for that in place takes care of that possibility. Here, an old exploit against v.6:
I'm reminded of an article from almost 6 years ago now:
An Ounce of Prevention
»www.infosec.co.uk/ExhibitorLibra···tion.pdf
This approach [white listing] can effectively eliminate the need to patch in emergency mode. Malicious code by default is not on the white list which means that enterprises can rest assured that their exposed software vulnerabilities are safe from potential exploitation, enabling their IT staff to work proactively to develop scheduled patch deployments rather than being in a constant state of emergency.
----
rich |
|
