
Hayton's Blog


I've noted from time to time in posts elsewhere that Java exploits are increasingly becoming a problem. Up until now that view was mainly based on anecdotal evidence - apart from the one time when I encountered what may have been an exploit: investigating a website for a SiteAdvisor question, I found a mirror site which, as soon as it loaded, caused a Java console window to open, and a rapid stream of Java messages appeared in the window - I was not amused.

 

Now, though, I've found some articles to lend weight to the growing impression that Java is too much trouble to have running on your system. Most users who have Java installed would be better off without it. You need to keep a constant watch on places like CNET for information about the latest Java vulnerabilities and patches; the automatic update settings in the Java Control Panel need to be set to Daily (the default is, I think, weekly - or even monthly) and even then Java is extremely vulnerable to zero-day exploits. If you have any previous versions of Java on your system you are inherently more open to malware attack than if you have only the latest, patched version - older versions should be removed. If you have applications or websites that really do need Java to run properly, then keep Java - but keep it updated. Otherwise, the advice from many security experts is that you should disable it, or remove it completely - you can always reinstall it if required, and that way you know you're getting the latest version.

 

These articles are from 2010, when the spike in Java exploits was just getting under way.

"Don’t Need Java? Junk It" - Krebs on Security (blog). (June 2010)

"Java: A Gift to Exploit Pack Makers" - Krebs on Security (blog). (October 2010)

"Have you checked the Java?" - Technet Blogs - Microsoft Malware Protection Center - Threat Research & Response Blog. (October 2010)

 

A more recent take on the subject is provided by Microsoft in a blog about the Microsoft Safety Scanner ("a just-in-time, free cleanup tool" - why haven't we got one of those, then?). In the first seven days 20,000 infected machines were detected, and on those machines 7 of the top 10 threats (by numbers found) were files containing exploits for Java vulnerabilities. The blog refers to the most recent Microsoft Security Intelligence Report (v10) which shows that 6 million Java exploits were detected by Microsoft in 2010; Flash exploits by comparison barely registered at all.

 

"Microsoft Safety Scanner detects exploits du jour" - Technet Blogs - Microsoft Malware Protection Center - Threat Research & Response Blog. (May 2011)



Hayton


This is for ongoing topics where posts might be on the long side, for making notes of useful fixes to often-reported problems, for reporting on discussions in other forums ... and anything else. I'll refine it as I go along.
