[Merged topic]Java 0day Mass Exploit Distribution...

Early 2013 brings with it the first Java 0day mass exploit distribution of the year.

There appears to be multiple ad networks redirecting to Blackhole sites, amplifying the mass exploitation problem. We have seen ads from legitimate sites, especially in the UK, Brazil, and Russia, redirecting to domains hosting the current Blackhole implementation delivering the Java 0day. These sites include weather sites, news sites, and of course, adult sites.

Source: Securelist

It’s really about time people stopped using Java.

When installing Java install the latest 1.7.10. It has the ability to enable or disable it in your browsers. When enabling it there are security levels to choose from.

I would say disable Java in your browsers and enable it when a site needs it (I remember only seeing on pages with scientific demos). That way you will keep drive by downloads at bay while Java is still available for the few applications that require it like Vuze and Limewire/Frostwire.

Source: http://www.securelist.com/en/blog/208194070/Java_0day_Mass_Exploit_Distribution

thanks seany

It's really about time people stopped using Java.
:-TU +1

at the least use NoScript/ScriptSafe
ScriptSafe formerly ScriptNo is very actively developed has become IMO very effective and usable and also IMO getting better all the time :-TU

can CIS detect this?


From what I know it’s a no. CIS is not good at stopping Java exploits.

Simply disable Java in your brwosers as described in this article by Oracle. Java is not used much on the web so you may not miss it.

The latest Java 7 update 10 also supports restriction (security) levels for running Java content in browsers. I dn’t know if setting security lever to high or very high is working against this zero day vulnerability.

Just whanted to warn aboute security flaw inn Java. People use this hole to get control over your computer. Seems like the team at Oracle Leaves the holes there well knowing its there ?.. Its not the first time this happens…

Update: The currently CEO at Oracle, Larry Ellison explains inn his statement to media Saturday that it is the so-called developer tools for Java where the security flaw is located, and not the additional software most people see when such attempts to log on to their online bank’s.

Aboute Java

Oracle is the world’s largest IT companies, with 120,000 employees. Java’s about 3 billion units and are some of the most frequently used software company has developed. Java is used in everything from smart phones to TVs and computers.

Security Environments worldwide railed against the software giant on Friday. The error encountered joins a number of other over the past years

This is the third serious security hole in Java in under a year. The bank`s will ban java forever. They are currently looking for other options if they ■■■■■ up more.

[attachment deleted by admin]

Across the other security forums ppl panic about this… I see no issues. If you don’t want to get rid of Java just use EMET and ExploitShield it can’t pass both.

I can’t understand why, since when I go to a page that uses Java there is a Defence+ warning that pops up and tells me if I want to “allow that javaw.exe connects to xxx.yyy.zzz.234” … why this doesn’t protect me if I say “block”.
Isn’t it sufficient?

You should add an option to the poll. ‘Completely remove Java’.

does anyone know if this applies to all versions of java or does it apply only to java 7 ?


Please consider adding the option install Java but disable in browsers (as 1.7.10 gives this option).

Are you considering to install an older version of Java which will result in getting Java with upatched older security holes?

All versions of Java. On top of that don’t install or use older Java as EricJH explained.

it seems that the latest version of java has a way to disable web stuff directly:


Java 7 Update 11 Available Now…

Maybe so, But I sticking to no Java on any of my Machines. :slight_smile:

I read an article on Mashable today about the exploit. It is at Warning: Java Exploit Potentially Affecting More Than 850 Million Computers | Mashable.

I recall removing Java from my computer last year because I had an issue with Secunia PSI. I also recall only using one website that uses Java, which is Pingtest.net. (It requires it for the packet loss test.)

For those that still use Java I’m glad to know there is an update available.

Until they find a new exploit in this one LOL! :slight_smile:

According to the Oracle website:

This release contains fixes for security vulnerabilities. For more information, see Oracle Security Alert for CVE-2013-0422.

In addition, the following change has been made:

Area: deploy
Synopsis: Default Security Level Setting Changed to High
The default security level for Java applets and web start applications has been increased from “Medium” to “High”. This affects the conditions under which unsigned (sandboxed) Java web applications can run. Previously, as long as you had the latest secure Java release installed applets and web start applications would continue to run as always. With the “High” setting the user is always warned before any unsigned application is run to prevent silent exploitation.

Depending on preference you can now choose to disable Java in browsers in general or set High or Very high security settings.