Author Topic: Alert concerning recent versions of Sun Java and CMF  (Read 16564 times)

Offline pudelein

  • Comodo Loves me
  • ****
  • Posts: 128
Alert concerning recent versions of Sun Java and CMF
« on: October 21, 2008, 03:59:56 PM »
This post is to alert users of Comodo Memory Firewall to "yet-one-more" required exclusion: Sun Java JRE 6 updates 7 and 10 can produce the "runaway syndrome" in which a process takes over a CPU completely.  In at least two circumstances. this can cause serious issues.  The offending process is java.exe; there are normally two instances of this, one in %WinDir%\system32, the other in %ProgramFiles%\Java\...\bin.  The ellipsis is replaced by jre6 in the case of JRE 6u10 and by jre 1.6.0_07 in the case of JRE 6u7.

I encountered this issue while trying to install the newly released OpenOffice.org 3.0.  This occurred during installation of the JRE component (6u7 is distributed with OO.o 3) which launches java.exe; the latter eats all available CPU cycles.  It also occurs when running OO.o 3; the sequence Toolks | Options |OpenOffice.orf | Java launches java.exe with the same result.  In both instances it was the copy in %ProgramFiles%\Java\...\bin that was used, but there are surely situations in which this would occur with the other copy instead.

I would advise users of these applications to start the Task Manager or Process Explorer before installing these versions of JRS and OpenOffice.org.  That way the offending process can be terminated quickly; otherwise, it may even require power cycling.

Offline Kyle

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 3679
Re: Alert concerning recent versions of Sun Java and CMF
« Reply #1 on: October 21, 2008, 07:46:52 PM »
Thank you very much! Have you tested this with Safesurf?
Windows 7 x64
AMD FX 8120, 8gb ram, ATI 6870 1gb

Offline Jim__

  • Comodo Loves me
  • ****
  • Posts: 124
Re: Alert concerning recent versions of Sun Java and CMF
« Reply #2 on: October 21, 2008, 08:02:57 PM »
I also saw the 100% CPU issue with jqsnotify.exe (6u10). The java.exe problem has been around for years. So far I haven't needed to exclude any 3.0 oo exe (I did have the 100% cpu problem with one of the 2.4 exe files). I have another program (SwimMM2.exe) which also needs to be excluded to prevent the 100% cpu problem.

It is not clear what to tell the authors of these programs what they might be doing that causes this.

Offline pudelein

  • Comodo Loves me
  • ****
  • Posts: 128
Re: Alert concerning recent versions of Sun Java and CMF
« Reply #3 on: October 21, 2008, 09:22:52 PM »
[at]Kyle,

No, I don't use SafeSurf, so can't test it.

[at]Jim_,

The only issue for OO.0 3 is that it launches java.exe, so only that (or those, since there are two of them) needs excluding.  I was interested in jsqnotify.exe.  I did not want the Java QuickStarter or the OpenOffice.org one either, so I don't let them operate.  I remember the OO.o 2.4 problem (stclient _wrapper.exe), but that is not present in the new version.

As to the developers changing their ways: I have a list of about a dozen programs that need to be excluded, but this is only the tip of the iceberg, I'm afraid.  For example, most (but not all) of the Linux-like commands provided in the Cygwin package need excluding.  My suspicion (and it is only that) is the specific way each program unit returns to its parent may be the issue; the ones with a *nix heritage may be more likely than others to cause the issue.

Offline Dennis2

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 9439
Re: Alert concerning recent versions of Sun Java and CMF
« Reply #4 on: October 22, 2008, 02:39:37 AM »
I am wondering if it is nothing to do CMF or CPF3.
I install O.O. 3 in the last few days have been using  2.3, after using msconfig to shutdown all non microsoft processes I know this is not as good as uninstalling them will try that when the GA version of CIS is released.
I installed no problem till trying to open O. O. for the first time up pops java.exe 100% cpu uninstalled Java, then when through the opening first time for all accounts.

Install Java 6.7 from standalone file on the last part of install where the patches are install up pops java.exe taking 60/80% cpu had to kill java.exe after nothing happening for approx 4 mins. to finish installing successfully.
I remember now this happen the first time I installed 6.7 so I suspect it is Java that is causing the problem since version 6.7 (you have to install from the standalone file for this to happen).

I am running Open Office 3 now with no exceptions in CMF this problem only occurs when O. O. is being setup for the first time or access options/java as the pudelein has mention in his first post.
When CIS is released I will also uninstall CMF to see if the problem still occurs as it could be one of the files of CMF even though it is not running, and will post back.
Dennis
« Last Edit: October 22, 2008, 03:28:59 AM by Dennis2 »
Moderator: Aims Forum a friendly place. Any concerns? Please PM me and/or review the Forum Policy 2012Updated.
System: Centos 7.5 x64, APF, HTTPS Everywhere, ABP, NoScript
 Fedora 28 x64, APF, HTTPS Everywhere, ABP

Offline pudelein

  • Comodo Loves me
  • ****
  • Posts: 128
Re: Alert concerning recent versions of Sun Java and CMF
« Reply #5 on: October 22, 2008, 10:52:25 AM »
Indeed, Dennis2, my experience and your agree totally.  However, putting java.exe in CMF's exclusion list deals with the OOo  part of the problem.  It probably deals with the Java install issue, but I haven't tried that explicitly.  I am using JRE 6U10 and OOo 3.0 with no more problems.  Even the old issue in OO.o 2.4.1 (stclient_wrapper.exe exclusion needed) is gone.

Offline Dennis2

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 9439
Re: Alert concerning recent versions of Sun Java and CMF
« Reply #6 on: October 25, 2008, 03:06:10 AM »
Sorry you were right and my suspicion were proved incorrect.
Uninstall CIS Beta /CMF install Java and checked java options in O.O. up pop java 6 in the screen no problems with both.

Installed CIS still no problems so it must be one of CMF files being loaded in Java or O.O. which is causing the problem even though I had stopped CMF from running.

Will posted back when I have installed CMF if I find which file it is.
Thanks
Dennis
Moderator: Aims Forum a friendly place. Any concerns? Please PM me and/or review the Forum Policy 2012Updated.
System: Centos 7.5 x64, APF, HTTPS Everywhere, ABP, NoScript
 Fedora 28 x64, APF, HTTPS Everywhere, ABP

Offline doktornotor

  • Comodo's Hero
  • *****
  • Posts: 222
Re: Alert concerning recent versions of Sun Java and CMF
« Reply #7 on: October 25, 2008, 07:44:06 AM »
My exclusion list... IMHO, Java is a piece of junk, I totally despise it...  :-TD >:(

[attachment deleted by admin]

Offline SilentMusic7

  • Comodo's Hero
  • *****
  • Posts: 336
Re: Alert concerning recent versions of Sun Java and CMF
« Reply #8 on: January 05, 2009, 03:52:40 PM »
Thanks to pudelein for telling all of us about the work-around.  I originally saw pudelein's post on oooforum.org.

I experienced the same problems and work-around as pudelein when installing StarOffice 9.0, which is mostly the same as OOo 3.0.  I had Java 6 update 11 installed on WinXP Pro, with all older Java updates removed, before installing StarOffice 9.0.  While the web download of StarOffice does not offer this option, OOo users can download without installing the old Java 6 update 7 by unchecking the box entitled "Include the Java JRE with this download" at http://download.openoffice.org/other.html#en-US

After completing the installation of StarOffice 9.0, I removed the exclusions for Java from CMF, and I haven't seen the 100% CPU problem since.  I have disabled the Java quick start, automatic update checks, tray icon, console and running SunJavaUpdateSched at logon to improve system performance.  Has anyone been able to reproduce the Java interaction with CMF for a case besides StarOffice/OOo installation?  I would really appreciate a website link for a reproducable case.

I am hoping to continue without CMF exclusions for Java to improve security.  A reproducable case would also allow me to test Java 6 update 12 and later.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek