dslreports logo
    All Forums Hot Topics Gallery


how-to block ads

Search Topic:
share rss forum feed

I run Linux am I still a PC?
united state
reply to scottp99

Re: Anit-Virus protecting me from this Java vulnerability?

To answer your question, No.

Anti-Virus software are not good at detecting zero-days, and are horrible overall in detecting exploits.

If you insist on leaving Java enabled in your browser, then i suggest you:

1. Enable Software Restriction Policies by following this guide. »www.mechbgon.com/srp/

2. Install and Configure Microsoft EMET

opt all your web browsers, and every executable inside your Java install directory into EMET protection...and might as well opt Adobe Flash player, your PDF reader, and pretty much every other app on your computer that has a browser plugin into the EMET protection.

Now mind you, there is no gurantee EMET will stop this exploit, it just makes exploits more difficult to pull off...as the forced ASLR randomizes memory address every time an application is open, Forced DEP forces applications to run under NX-Bit.

Software Restiction policies, if you follow the guide, will set up your system where a script, exe, .bat, or any executable file type of any kind won't run unless:

1. its located in Windows Folder or Program Files Folder.

2. It is run as an administrator by "right clicking" the File and Selecting "Run as Administrator"

so SRP will stop probably 99.9% of all possible drive-by infestations, usb autorun based malware, and pretty much anything else you can think of unless you purposely run the file in question as Admin blindly clicking though your UAC dialogs.

All these tools are free, they come with Windows, and will protect you more then your AV software can....just read the guides for Software Restriction Policies and EMET and set them up...I wouldn't surf the internet without them...thats how confident I am in them.

Just like I won't surf the Net on a Linux machine without AppArmor...same principle applies

good luck!