Author Topic: CIS Premium protect against this new java thing DHS is warning about?  (Read 1719 times)

Offline christophera

  • Newbie
  • *
  • Posts: 4
This java exploit thing that the Department of Homeland Security is warning about and telling people to turn off their java: Mal/JavaJar-B

I have CIS 5.12.256..... with the last db update being 1/12/2013

Am I protected against this?

Should I still follow the instructions to turn java off?

Thanks,

Chris

Offline Sanya IV Litvyak

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 2853
  • Mrreow~
Re: CIS Premium protect against this new java thing DHS is warning about?
« Reply #1 on: January 12, 2013, 11:21:53 AM »
I can't answer your question but I'd recommend updating to the latest version and turning off Java for web-browsers until there is more information.

You can install the latest version from here: https://java.com/en/download/manual.jsp

You can turn off browser support by going to Control Panel > Programs > Java > Security > untick "Enable Java content in the browser"
« Last Edit: January 12, 2013, 11:25:57 AM by SanyaIV »

Offline Radaghast

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 4068
Re: CIS Premium protect against this new java thing DHS is warning about?
« Reply #2 on: January 12, 2013, 06:56:21 PM »
If you don't use Java remove it. If you do need it, disable it until it's needed.
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.”

Offline naren

  • Comodo's Hero
  • *****
  • Posts: 4376
Re: CIS Premium protect against this new java thing DHS is warning about?
« Reply #3 on: January 13, 2013, 08:55:03 AM »
If I disable Java, would I get the yellow bar to run Java once/permanently for the site in IE or I would have to enable Java manually.

Any offline program install if needs Java, I would have to enable Java manually, right?

Offline DrHaze

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 466
  • Once A Comodo!Always A Comodo!Go Comodo!!
Re: CIS Premium protect against this new java thing DHS is warning about?
« Reply #4 on: January 13, 2013, 10:53:57 AM »
https://community.rapid7.com/community/metasploit/blog

here's an article on the whole thing...i would be careful
AMD Phenom x4 3.3GHZ 12Gig Ram
Intel Core 2 Quad 2.5ghz 8Gig Ram
Windows 8 x64 Pro

Offline jbustter

  • Comodo Family Member
  • ***
  • Posts: 65
Re: CIS Premium protect against this new java thing DHS is warning about?
« Reply #5 on: January 13, 2013, 03:51:02 PM »
from what i understand, Comodo does not block the exploit, but can probably still detect programs that get to your computer though it and is most likely getting signatures of the latest viruses that abuse it. the main problem (and i am just guessing right now) is that hackers can use this exploit to download and run unwanted programs on your computer, without you being able to see or agree to that download. am i guessing right?

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 19345
Re: CIS Premium protect against this new java thing DHS is warning about?
« Reply #6 on: January 15, 2013, 09:09:06 PM »
The latest Java (update 11) protects against this particular exploit. It also changes the security level from Medium to High. Disabling the plugin is another option,

 

Seo4Smf 2.0 © SmfMod.Com | Smf Destek