Yet another Java exploit thread.

HAVOC

HAVOC

New member
Guru
VIP
Local time
9:29 PM
Messages
1,355
Location
Connecticut
I got infected by the Anti-piracy ransomware thing yesterday. Is the infection related to the Java exploit?

I used tools recommended on this site and it looks to be fixed. I also uninstalled Java 6 and Java 7 (had both on my system?). While on the Java website they showed an option in the Java control panel, under the security tab to disable Java in the browser (only available in Java 7). If Java is needed, would this be an option to look at or are there other holes?

To be safe, I'll be doing a clean install later this week. How can I make sure Java doesn't get installed when I reinstall? I'm not sure if Java gets installed with one of my programs or if it gets installed with IE.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
custom build
OS
Windows 7 Professional 64bit
CPU
Intel i7-5960X
Motherboard
EVGA X99 Classified
Memory
64GB Corsair Dominator 2400MHz
Graphics Card(s)
3 EVGA GTX980's
Sound Card
on board
Monitor(s) Displays
3 Dell E2715H 27"
Screen Resolution
1920x1080 (5760x1080)
Hard Drives
Samsung 950 Pro 1TB M.2 SSD,
Western Digital Black 2TB HDD's x5
Western Digital Black 1TB HDD's x3
PSU
Corsair AX1200i
Case
Corsair 750D
Cooling
Corsair H110i GT
Keyboard
Corsair K70
Mouse
Corsair M45
Internet Speed
250 down/10 up
Antivirus
Microsoft Security Essentials
Browser
IE 11, Google Chrome
I won't be installing Java in my next clean install. I thought I needed it to access a website that I use for work. I just visited the website (without Java) and the website is working normally.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
custom build
OS
Windows 7 Professional 64bit
CPU
Intel i7-5960X
Motherboard
EVGA X99 Classified
Memory
64GB Corsair Dominator 2400MHz
Graphics Card(s)
3 EVGA GTX980's
Sound Card
on board
Monitor(s) Displays
3 Dell E2715H 27"
Screen Resolution
1920x1080 (5760x1080)
Hard Drives
Samsung 950 Pro 1TB M.2 SSD,
Western Digital Black 2TB HDD's x5
Western Digital Black 1TB HDD's x3
PSU
Corsair AX1200i
Case
Corsair 750D
Cooling
Corsair H110i GT
Keyboard
Corsair K70
Mouse
Corsair M45
Internet Speed
250 down/10 up
Antivirus
Microsoft Security Essentials
Browser
IE 11, Google Chrome
January 13, Krebs on Security [FONT=Times New Roman,Times New Roman][FONT=Times New Roman,Times New Roman]– (International) [/FONT][/FONT][FONT=Times New Roman,Times New Roman][FONT=Times New Roman,Times New Roman]Oracle ships critical security update for Java. [/FONT][/FONT][FONT=Times New Roman,Times New Roman][FONT=Times New Roman,Times New Roman]Oracle released an update for Java to fix the recent critical vulnerability that allowed malware to exploit computers running the program. The update also increases the default security settings for running Java applications from ‘medium’ to ‘high.’ Source: Oracle Ships Critical Security Update for Java — Krebs on Security
[/FONT][/FONT]
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Intel DZ77GA-70K
OS
Microsoft Windows 8.1 Enterprise 64-bit
CPU
Intel(R) Core(TM) i7-3770K CPU @ 4.7GHz (Overclocked)
Motherboard
Intel Corporation DZ77GA-70K, 0066 BIOS version
Memory
32 GB 12800 DDR3 Crucial Ballistix Sport
Graphics Card(s)
NVIDIA GeForce GTX 660 SC x 2 (SLI) by EVGA
Sound Card
(1) Bluetooth Hands-free Audio (2) NVIDIA High Definition
Monitor(s) Displays
LG 27" HDMI
Screen Resolution
12920 x 1080 x 32 bits (4294967296 colors) @ 60Hz
Hard Drives
Intel 120GB SSD (ATA INTEL SSDSC2CT12 SCSI Disk Device)
Western Digital Caviar Black 64M cache 2TB 7200rpm (ATA WDC WD2002FAEX-0 SCSI Disk Device), 3 x WD 150Gb 10k Velociraptor hard drives in RAID 0 (testing)
PSU
Corsair 750w fully modular
Case
Corsair 650D with perforated side panel
Cooling
3 200mm case fans, Intel liquid cooling for CPU w 120mm fans
Keyboard
Logitech backlit
Mouse
Dell
Internet Speed
11Mbps DSL
Antivirus
Windows Defender, MalWareBytes Pro and CCleaner Pro
Browser
Chrome, IE and FireFox (latest versions)
Other Info
Windows Home Server 2011 with 10 clients at home
Just don't install it during your fresh install. To be completely protected, you also want to disable the Java Plugin for IE9 in the Manage Add-ons menu.

It doesn't seem to matter how much they update or what they pretend to do. Java is just too easily compromised. Malware of all sorts just goes right past all system security, disables your firewall, antivirus, everything. The best thing to do is let Java go and move on to HTML5.
 

My Computer

OS
Windows 7 Home Premium 64-bit
I know about the "critical security update" but also read that Java still has a bunch of holes. So I won't be using it anymore.
I had a message pop up from MSE stating that it detected and cleaned an item, a couple minutes later, the FBI warning. So I don't know if it's related.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
custom build
OS
Windows 7 Professional 64bit
CPU
Intel i7-5960X
Motherboard
EVGA X99 Classified
Memory
64GB Corsair Dominator 2400MHz
Graphics Card(s)
3 EVGA GTX980's
Sound Card
on board
Monitor(s) Displays
3 Dell E2715H 27"
Screen Resolution
1920x1080 (5760x1080)
Hard Drives
Samsung 950 Pro 1TB M.2 SSD,
Western Digital Black 2TB HDD's x5
Western Digital Black 1TB HDD's x3
PSU
Corsair AX1200i
Case
Corsair 750D
Cooling
Corsair H110i GT
Keyboard
Corsair K70
Mouse
Corsair M45
Internet Speed
250 down/10 up
Antivirus
Microsoft Security Essentials
Browser
IE 11, Google Chrome

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Intel DZ77GA-70K
OS
Microsoft Windows 8.1 Enterprise 64-bit
CPU
Intel(R) Core(TM) i7-3770K CPU @ 4.7GHz (Overclocked)
Motherboard
Intel Corporation DZ77GA-70K, 0066 BIOS version
Memory
32 GB 12800 DDR3 Crucial Ballistix Sport
Graphics Card(s)
NVIDIA GeForce GTX 660 SC x 2 (SLI) by EVGA
Sound Card
(1) Bluetooth Hands-free Audio (2) NVIDIA High Definition
Monitor(s) Displays
LG 27" HDMI
Screen Resolution
12920 x 1080 x 32 bits (4294967296 colors) @ 60Hz
Hard Drives
Intel 120GB SSD (ATA INTEL SSDSC2CT12 SCSI Disk Device)
Western Digital Caviar Black 64M cache 2TB 7200rpm (ATA WDC WD2002FAEX-0 SCSI Disk Device), 3 x WD 150Gb 10k Velociraptor hard drives in RAID 0 (testing)
PSU
Corsair 750w fully modular
Case
Corsair 650D with perforated side panel
Cooling
3 200mm case fans, Intel liquid cooling for CPU w 120mm fans
Keyboard
Logitech backlit
Mouse
Dell
Internet Speed
11Mbps DSL
Antivirus
Windows Defender, MalWareBytes Pro and CCleaner Pro
Browser
Chrome, IE and FireFox (latest versions)
Other Info
Windows Home Server 2011 with 10 clients at home
You must log in or register to reply here.

Similar threads

Clone a Harddrive for another laptop.
Replies
2
Views
89
torchwood
torchwood
Problem with Windows Explorer crashing
Replies
11
Views
2K
Gwaihir
Gwaihir
Windows 7 dual boot troubleshooting
Replies
1
Views
678
BewilderedBob
B
Solved Received BSOD on 04/19/26 after istalling manual windows update
Replies
9
Views
4K
torchwood
torchwood
Solved Disable a specific program for the command line? No external programs
Replies
2
Views
3K
giacomodebello
G
Back
Top