Author Topic: Java Exploit -- found by scan. Why didn't Avast block it in real-time? (Read 5146 times)

aVastSeaofSun · « **on:** February 01, 2013, 12:28:46 AM »

I am required to use Java runtime and applets.

For 2 days, I have had Avast running in real-time (version 6.0.1426 (I found the latest version slowed my computer significantly) If the latest version would help the java issue, I am open to updating.
Virus definitions are always updated daily.

The first scan found 3 exploits.
All were in Sun\Java\Deployment\cache\6.0\37\.... Threat: Java:CVE-2012-1723-YG [Expl]

The second scan found 3 exploits, in the same folder (the numbers after the "6.0" changed), and the Threat description filenames were the same.

If Avast found these viruses by a scan, why didn't it block them in real-time?
These scans were 2 days apart - can't Avast use the history in order to block a previously found virus type?
Would updating to the later version of Avast help?

avast@@dvantage77.com · « **Reply #1 on:** February 01, 2013, 12:39:01 AM »

Java is so bad, that it is really impossible to stop all of it, as Oracle has been negligent for far too long (I'm suprised they have not been sued yet)

We are having all of our clients remove Java completely off their systems, and then use Google Chrome and it's java emulator applet anytime Java is required. This is the only way to completely curtail todays Java vulnerabilitites, that I know of, except for unplugging.

Pondus · « **Reply #2 on:** February 01, 2013, 12:39:27 AM »

Quote

If Avast found these viruses by a scan, why didn't it block them in real-time?

maybe you got them before avast had signature for it?

Quote

Sun\Java\Deployment\cache\6.0\

seems you are not using latest java version. http://www.java.com/en/download/index.jsp

aVastSeaofSun · « **Reply #3 on:** February 01, 2013, 12:51:04 AM »

Quote from: avast@ advantage77.com on February 01, 2013, 12:39:01 AM

Java is so bad, that it is really impossible to stop all of it, as Oracle has been negligent for far too long (I'm suprised they have not been sued yet)

We are having all of our clients remove Java completely off their systems, and then use Google Chrome and it's java emulator applet anytime Java is required. This is the only way to completely curtail todays Java vulnerabilitites, that I know of, except for unplugging.

Hi,
Will Google Chrome allow full functionality of Java?

aVastSeaofSun · « **Reply #4 on:** February 01, 2013, 12:56:24 AM »

Quote from: Pondus on February 01, 2013, 12:39:27 AM

Quote
If Avast found these viruses by a scan, why didn't it block them in real-time?
maybe you got them before avast had signature for it?

Quote
Sun\Java\Deployment\cache\6.0\
seems you are not using latest java version. http://www.java.com/en/download/index.jsp

If so, that could be the vulnerability. (I have my Java security set to prompt and multi-prompt me for each option. I only use Java for 2 applications, so I should be able to deny anything else that tries to run.)

The Java Console shows that the instaled version is Version 7, Update 11. When I click update, it says that this is the latest version/build.

Maybe there are parts of previous version still on my computer. I thought I had done a clean install of the current version.
In Add/Remove Programs, there is only Java 7-11.

Is there some more detailed process that will fully delete all Java files, so I can install 7-11 from scratch?

aVastSeaofSun · « **Reply #5 on:** February 01, 2013, 01:08:31 AM »

I just located a version 6 folder among the Java folders. Deleted and will see if this fixes the issue.

iroc9555 · « **Reply #6 on:** February 01, 2013, 01:45:24 AM »

I run Java because I need it for a program; However, I have Java disabled in my browser which is when it is more vulnerable to exploit attacks while browsing the web.

http://www.java.com/en/download/help/disable_browser.xml

Quote from: aVastSeaofSun on February 01, 2013, 12:56:24 AM

Is there some more detailed process that will fully delete all Java files, so I can install 7-11 from scratch?

While it is supposed to remove all traces of Java when you install a new version, I like to install it fresh. So I run JavaRa to remove any remnants of the old version.

http://singularlabs.com/software/javara/

Added: I was looking for the article. Never use Java automatic updates. Oracle installs deceptive software with automatic updates.
http://www.zdnet.com/a-close-look-at-how-oracle-installs-deceptive-software-with-java-updates-7000010038/

MikeBCda · « **Reply #7 on:** February 01, 2013, 09:37:30 PM »

Also, auto-updates (or for that matter, manual update checks from within the app) are, or at least used to be, very late relative to when there's an update available. I gave up on letting Java check when I found that far too often, it was as much as 2 weeks after someone posted notification here in the Updates topic that Java itself found the update.

Now that the one and only site I regularly visit that used to require it has switched from Java to script, I've totally uninstalled Java from my system.

Author Topic: Java Exploit -- found by scan. Why didn't Avast block it in real-time? (Read 5146 times)

aVastSeaofSun

Java Exploit -- found by scan. Why didn't Avast block it in real-time?

avast@@dvantage77.com

Re: Java Exploit -- found by scan. Why didn't Avast block it in real-time?

Pondus

Re: Java Exploit -- found by scan. Why didn't Avast block it in real-time?

aVastSeaofSun

Re: Java Exploit -- found by scan. Why didn't Avast block it in real-time?

aVastSeaofSun

Re: Java Exploit -- found by scan. Why didn't Avast block it in real-time?

aVastSeaofSun

Re: Java Exploit -- found by scan. Why didn't Avast block it in real-time?

iroc9555

Re: Java Exploit -- found by scan. Why didn't Avast block it in real-time?

MikeBCda

Re: Java Exploit -- found by scan. Why didn't Avast block it in real-time?