Author Topic: A New Java Flaw  (Read 13350 times)

Jahn

  • Guest
A New Java Flaw
« on: April 11, 2010, 09:50:15 PM »
Quote
The best workaround for this serious flaw, until Sun issues its patch, is to not use Java, or disable javaws/javaws.exe and disable Deployment Toolkit.

http://www.informationweek.com/blog/main/archives/2010/04/serious_java_fl.html (several redirects)

Offline Jtaylor83

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1066
Re: A New Java Flaw
« Reply #1 on: April 11, 2010, 10:36:39 PM »
Or just uninstall Java until then.
Avast 6.0, MalwareByte's Anti-Malware, CCleaner, Defraggler, DownloadHelper, WOT, NoScript, KeyScrambler, Thunderbird, Firefox, Windows XP SP3.

Offline Alan Baxter

  • Avast Evangelist
  • Poster
  • ***
  • Posts: 412
Re: A New Java Flaw
« Reply #2 on: April 11, 2010, 11:26:31 PM »
I've disabled the Java Deployment Toolkit plugin in Firefox to reduce the attack surface.  Aside from that it will be business as usual, i.e. allow the use of Java by only trusted programs and websites.

Offline logos

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9443
Re: A New Java Flaw
« Reply #3 on: April 11, 2010, 11:38:07 PM »
strange ... nothing from Secunia so far (at least from PSI). There was something two weeks ago but I thought it was solved with "update 19"... so there's something else now it seems, and Secunia is late.

that was the last thing I heard of:
http://secunia.com/advisories/37255

edit: oops, I see this was updated on the 8th of April...
« Last Edit: April 11, 2010, 11:39:56 PM by Logos »
w7 - ais7

Jahn

  • Guest
Re: A New Java Flaw
« Reply #4 on: April 14, 2010, 12:32:21 AM »

Offline logos

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9443
Re: A New Java Flaw
« Reply #5 on: April 14, 2010, 12:37:29 AM »
yep

Quote
A vulnerability has been discovered in Sun Java, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an input sanitation error in the Java Deployment Toolkit browser plugin. This can be exploited to pass arbitrary arguments to javaw.exe and e.g. execute a JAR file placed on a network share in a privileged context.

Successful exploitation allows execution of arbitrary code by tricking a user into visiting a malicious web page.

The vulnerability is confirmed in JRE version 6 Update 19. Other versions may also be affected.
« Last Edit: April 14, 2010, 12:39:01 AM by Logos »
w7 - ais7
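
The flaw class the quoted advisory describes (a page-supplied string reaching a launcher's command line unsanitised), shown as an added example that is not part of this thread or of Sun's code. `launcher.exe`, `--open` and all sample values are hypothetical and constructed; nothing is executed.

```python
from urllib.parse import urlsplit

LAUNCHER = "launcher.exe"  # hypothetical helper binary; nothing is executed here
OPEN_FLAG = "--open"       # hypothetical option that takes one URL


def build_argv_unsafe(page_value):
    """Flawed pattern: splice the page-supplied string into a command line."""
    command_line = f"{LAUNCHER} {OPEN_FLAG} {page_value}"
    # Splitting on whitespace lets a single "URL" turn into several arguments.
    return command_line.split()


def build_argv_safe(page_value):
    """Validate first, then pass the value as exactly one argv element."""
    if any(ch.isspace() or ord(ch) < 0x20 for ch in page_value):
        raise ValueError("whitespace or control character in value")
    if page_value.startswith(("-", "/", "\\")):
        raise ValueError("value looks like an option or a local/UNC path")
    parts = urlsplit(page_value)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError("only absolute http(s) URLs are accepted")
    return [LAUNCHER, OPEN_FLAG, page_value]


def verdict(page_value):
    """Return 'accepted' or the rejection reason, for reporting."""
    try:
        build_argv_safe(page_value)
        return "accepted"
    except ValueError as exc:
        return f"rejected: {exc}"


# Constructed sample inputs (not taken from the advisory or any real exploit).
SAMPLES = [
    "https://apps.example.test/tool.jnlp",
    "https://apps.example.test/tool.jnlp --constructed-option \\\\files.example.test\\share\\x.jar",
    "\\\\files.example.test\\share\\x.jar",
    "--constructed-option",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(len(build_argv_unsafe(sample)), "args unsafe |", verdict(sample))
```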

Jahn

  • Guest
Re: A New Java Flaw
« Reply #6 on: April 14, 2010, 12:53:35 AM »
Logos, you haven't disabled Java? I immediately disabled the plugins in each browser and blocked Java from running with CIS D+.

Offline logos

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9443
Re: A New Java Flaw
« Reply #7 on: April 14, 2010, 11:33:12 AM »
Quote
Logos, you haven't disabled Java? I immediately disabled the plugins in each browser and blocked Java from running with CIS D+.

no I haven't... I'm not that worried...There aren't that many sites running Java and I'm usually warned when one wants to use it...in Firefox at least. I don't use Internet Explorer.

edit: not sure yet, I might still block it ;)
w7 - ais7

Offline harman123

  • Sr. Member
  • ****
  • Posts: 298
Re: A New Java Flaw
« Reply #8 on: April 14, 2010, 02:20:51 PM »
When will they patch this flaw?

Does Avast block this?

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 63713
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: A New Java Flaw
« Reply #9 on: April 14, 2010, 05:09:53 PM »
Quote
no I haven't... I'm not that worried...There aren't that many sites running Java and I'm usually warned when one wants to use it...in Firefox at least. I don't use Internet Explorer.
edit: not sure yet, I might still block it ;)

Yes, you should at least deactivate the Java Deployment Toolkit in Firefox...!!! (until a fix is released)
Better to deactivate/block all Java plugins/add-ons if you don't need them. I read on a security site that NoScript won't protect you; I'm not sure about that, but just to be safe I disabled Java for now.

@Jahn: Many thanks for posting the info to this forum!!! :)
Win 8.1 [x64] - Avast PremSec 20.2.2401.BC [UI.505] - CC 5.65 - EEK - Firefox ESR 68.6.1 [NS/AOS/uBO/PB] - TB 68.6 - ASB/ASL.BUC
German-language section -> Avast essentials (downloads, guides & info): https://forum.avast.com/index.php?topic=60523.0

Offline logos

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9443
Re: A New Java Flaw
« Reply #10 on: April 14, 2010, 05:41:09 PM »
I disabled Java in IE, Chrome and Firefox a couple of hours ago just in case, thought it's better after all...but I didn't block Java completely (from def+ as suggested), as I still want java to check automatically for updates and get the patch when it's there. This said I'm pretty sure NS would protect me in Firefox, but I use Chrome a lot atm...I'll try to check what they say on NS forums...
« Last Edit: April 14, 2010, 05:42:50 PM by Logos »
w7 - ais7

Offline logos

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9443
Re: A New Java Flaw
« Reply #11 on: April 14, 2010, 05:51:55 PM »
w7 - ais7

Offline logos

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9443
Re: A New Java Flaw
« Reply #12 on: April 14, 2010, 06:20:33 PM »
w7 - ais7

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 63713
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: A New Java Flaw
« Reply #13 on: April 15, 2010, 12:19:40 AM »
Hi Logos, thanks for posting on NS Forum & the info, good to hear. :)
I already wondered, how it could bypass NS...
So we are rather safe even with java on with FF and NS! 8)
asyn
Win 8.1 [x64] - Avast PremSec 20.2.2401.BC [UI.505] - CC 5.65 - EEK - Firefox ESR 68.6.1 [NS/AOS/uBO/PB] - TB 68.6 - ASB/ASL.BUC
German-language section -> Avast essentials (downloads, guides & info): https://forum.avast.com/index.php?topic=60523.0

Offline logos

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9443
Re: A New Java Flaw
« Reply #14 on: April 15, 2010, 12:22:54 AM »
yeah, the answer from Maone was rather laconic though :D
w7 - ais7