Author Topic: Exploit question?  (Read 1850 times)

0 Members and 1 Guest are viewing this topic.

JJB22

  • Guest
Exploit question?
« on: April 22, 2012, 10:51:03 PM »
tried to acess a site and avast blocked a malicious site now my computer is slow when I type
is this my Java or the websites fault?

Infection Details

nyxwv.isdigital.com/images.php?t
Process:   C:\Program Files\Java\jre6\bin\java.exe
Infection:   Java:CVE-2012-0507-BM [Expl]
« Last Edit: April 23, 2012, 12:18:50 AM by JJB22 »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37195
Re: Exploit question?
« Reply #1 on: April 22, 2012, 11:00:42 PM »
edit the link above so it is not clickable......remove http://

avast is reporting a java exploit on a website
is your java updated?

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33577
  • malware fighter
Re: Exploit question?
« Reply #2 on: April 22, 2012, 11:10:24 PM »
Hi JJB22,

Will you make that link non-click-through with hxtp. The only response there is
Quote
Welcome to nginx!
But the url you gave is infecting through an exploit kit via a java exploit,
For all the forum users have an outdated java version and are vulnerable to such an exploit,
check your java version online and update to the latest: http://secunia.com/vulnerability_scanning/online/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

JJB22

  • Guest
Re: Exploit question?
« Reply #3 on: April 23, 2012, 12:20:38 AM »
have removed the http

have 100% score on secinia, is my java corrupted?

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33577
  • malware fighter
Re: Exploit question?
« Reply #4 on: April 23, 2012, 12:35:38 AM »
No, your java is up to date then. If you were not prompted to update. So you know then that you were not vulmerable to that malware exploit code.
Do you realize now how important it is for folks to check that their OS and third party software is fully updated an patched?

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!