Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
1125 Views 3 Replies Latest reply: Jan 16, 2013 3:06 PM by rmetzger RSS
mcuser999 Newcomer 25 posts since
Feb 28, 2011
Currently Being Moderated

Jan 15, 2013 11:55 AM

What is the DAT Number which includes the Java Exploit Vulnerability?

Hi -

 

What is the DAT Number which includes the recent Java Exploit Vulnerability?

I need to make sure that this DAT is protecting my system from this Java exploit since I cannot disable Java within my browser as I need to work with programs that do require Java enabled within the browser.

 

Thanks in advance!

  • rmetzger Champion 567 posts since
    Jan 4, 2005

    mcuser999 wrote:

     

    Hi -

     

    What is the DAT Number which includes the recent Java Exploit Vulnerability?

    I need to make sure that this DAT is protecting my system from this Java exploit since I cannot disable Java within my browser as I need to work with programs that do require Java enabled within the browser.

     

     

    Check out "McAfee Labs Security Advisory: MTIS13-008" https://community.mcafee.com/docs/DOC-4574

     

    This is the latest publically published document as of 'now' by McAfee related to this Java vulnerability.

     

    According to the pdf: https://community.mcafee.com/servlet/JiveServlet/downloadBody/4574-102-1-7531/MT IS13-008.pdf

     

    MTIS13-008.pdf:

     

    DAT FILES

         Coverage is available in the 6952 DATs,released January 11. Exploit binaries are

         detected as PWS-Zbot.gen.aua, Exploit-CVE2013-0422, JS/Blachole-Redirector,

         Ransom-AAV, and JS/Exploit-Rekit.a.

    Today's release Dat file is at version 6956.

     

    Consider updating Java (directly from Oracle) here:

    http://www.oracle.com/technetwork/java/javase/downloads/index.html

     

    Additional info can be found here (US-CERT VU#625617):

    http://www.kb.cert.org/vuls/id/625617

     

    VU#625617:

     

    Solution

                Update to Java 7u11

     

    Oracle Security Alert CVE-2013-0422 states that Java 7 Update 11 addresses this (CVE-2013-0422) and an equally severe, but distinct vulnerability (CVE-2012-3174). Immunity has indicated that only the reflection vulnerability has been fixed and that the JMX MBean vulnerability remains. Java 7u11 sets the default Java security settings to "High" so that users will be prompted before running unsigned or self-signed Java applets.

     

     

    So, in my humble opinion, an update to Java should be done, regardless of AV solutions.

     

    When updating, you may want to Uninstall Java 6 entirely from you system, if you can, as updates to this version has stopped with v6u38, 2012-11-17.

     

    When updating Java, you may need to update both 32-bit versions And 64-bit versions of Java, to make sure the vulnerability is properly fixed.

     

    Realize that once the 64-bit version is installed, Java will Not automatically retrieve updates, which the 32-bit version currently does.

     

    Of course, the 64-bit version applies to those with 64-bit systems.

     

    Hope this is helpful.

    Ron Metzger

     

    Message was edited by: rmetzger (v6 updates) on 1/15/13 3:18:13 PM EST
  • rmetzger Champion 567 posts since
    Jan 4, 2005

    Yes, the SuperDAT or xDat executables are the complete signature files. The signature files are packaged together with a script language specifically designed to do whatever McAfee deems needed to repair, replace, or otherwise change McAfee software, signatures, etc., that the standard update process would not normally be capability of doing. The SuperDAT also includes the latest Scan Engine (as of now) v5400 and can repair that installation as well as updating and repairing the signature files.

     

    Download the most recent xdat or SDat and you have the most recent version. As of this post, version 6957 is available.

     

    If you are successfully updating (unmanaged) via McAfee's site, the xDat or SDat executables are not needed.

     

    I Strongly Advise updating Java if possible.

     

    Good luck.

    Ron Metzger

     

    Message was edited by: rmetzger on 1/16/13 4:13:19 PM EST

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points