Close all JAVA APPS 1-11-13
Just saw this shit on GMA.........
By Richard Waters in San Francisco
A serious flaw in the Java software found on most personal computers could expose the machines to being taken over by malicious attacks over the internet, the US agency responsible for policing such vulnerabilities warned on Thursday.
The vulnerability has already been used to mount attacks, according to security researchers, prompting calls for PC and Mac users to disable Java on their computers until a fix has been developed.
The flaw in Java, a free piece of software distributed by Oracle and used to enable features of certain websites to run on all machines regardless of operating system, was highlighted by US-CERT, part of the Department of Homeland Security.
“This vulnerability may allow an attacker to execute arbitrary code on vulnerable systems,” the group warned.
Jaime Blasco, research manager at AlienVault Labs, an antivirus company that was alerted to the problem, described it as a critical flaw that would hit “every single system and every single user”. The nature of the vulnerability made it “very easy to exploit and trick the system,” he added.
Oracle, which took over control of Java with its acquisition of Sun Microsystems, typically releases software fixes for such vulnerabilities in between a week and a month, making it essential for computer users to act more quickly to disable the software, Mr Blasco said.
Oracle did not immediately respond to a request for comment.
So-called “zero-day exploits” such as those uncovered on Thursday are among the most damaging for computer users, since they involve flaws that have already been used to mount attacks before they have been identified by security professionals or the software companies concerned.
In a bulletin warning of the security flaw, US-CERT said it was “unaware of a practical solution to this problem” and advised computer users to disable Java in their browsers.
The vulnerability was first identified by an independent researcher known as Kafeine, who reported it to the agency while also writing about it on his blog. Such public disclosure can be controversial since it alerts malware writers to flaws before computers can be properly protected.
However, this flaw appears to have already been widely known among the criminals and others who prey on unprotected computers, according to security researchers. Four different malware “kits” – collections of vulnerabilities that are sold to wrongdoers – have already been found that include reference to the Java flaw, Mr Blasco said.
http://www.ft.com/cms/s/0/529f3720-5b7c-11e2-9d4c-00144feab49a.html#axzz2Hfjqhx7b
Anybody got the cure to this shit?
Just saw this shit on GMA.........
By Richard Waters in San Francisco
A serious flaw in the Java software found on most personal computers could expose the machines to being taken over by malicious attacks over the internet, the US agency responsible for policing such vulnerabilities warned on Thursday.
The vulnerability has already been used to mount attacks, according to security researchers, prompting calls for PC and Mac users to disable Java on their computers until a fix has been developed.
The flaw in Java, a free piece of software distributed by Oracle and used to enable features of certain websites to run on all machines regardless of operating system, was highlighted by US-CERT, part of the Department of Homeland Security.
“This vulnerability may allow an attacker to execute arbitrary code on vulnerable systems,” the group warned.
Jaime Blasco, research manager at AlienVault Labs, an antivirus company that was alerted to the problem, described it as a critical flaw that would hit “every single system and every single user”. The nature of the vulnerability made it “very easy to exploit and trick the system,” he added.
Oracle, which took over control of Java with its acquisition of Sun Microsystems, typically releases software fixes for such vulnerabilities in between a week and a month, making it essential for computer users to act more quickly to disable the software, Mr Blasco said.
Oracle did not immediately respond to a request for comment.
So-called “zero-day exploits” such as those uncovered on Thursday are among the most damaging for computer users, since they involve flaws that have already been used to mount attacks before they have been identified by security professionals or the software companies concerned.
In a bulletin warning of the security flaw, US-CERT said it was “unaware of a practical solution to this problem” and advised computer users to disable Java in their browsers.
The vulnerability was first identified by an independent researcher known as Kafeine, who reported it to the agency while also writing about it on his blog. Such public disclosure can be controversial since it alerts malware writers to flaws before computers can be properly protected.
However, this flaw appears to have already been widely known among the criminals and others who prey on unprotected computers, according to security researchers. Four different malware “kits” – collections of vulnerabilities that are sold to wrongdoers – have already been found that include reference to the Java flaw, Mr Blasco said.
http://www.ft.com/cms/s/0/529f3720-5b7c-11e2-9d4c-00144feab49a.html#axzz2Hfjqhx7b
Anybody got the cure to this shit?
Last edited:
Yeah. Right after I uninstall Eset and Malwarebytes Pro. Then revert to the default DNS and turn off the firewall on my router. Oh and I'll be sure to use Internet Explorer. 
