Disable your browser's Java plug-in (Another zero-day exploit)

  • Thread starter Thread starter II-zOoLoGy-II
  • 18 comments
  • 2,678 views
II-zOoLoGy-II

II-zOoLoGy-II

(Banned)
Messages
2,713
United States
F YOU
From Kapersky:

There appears to be multiple ad networks redirecting to Blackhole sites, amplifying the mass exploitation problem," Kaspersky Lab expert Kurt Baumgartner wrote. "We have seen ads from legitimate sites, especially in the UK, Brazil, and Russia, redirecting to domains hosting the current Blackhole implementation delivering the Java 0day. These sites include weather sites, news sites, and of course, adult sites.
Click to expand...


http://arstechnica.com/security/201...bug-is-being-massively-exploited-in-the-wild/



UPDATE:
http://java.com/en/download/java_update.jsp
 
Last edited:
Except I, and hundreds of coworkers, need Java and no flavor of Java 7 works with the required software.

Rock.
Me.
Hard place.
 
Ya, I am in the same position at work; I just won't be accessing personal information on work computers.

Its funny, our secretary was alerted by her av software she had malware on her pc this morning. Turns out its been taking screen shots when she accesses her bank account...
 
shmogt
I assume this is a Windows problem like usual and I have nothing to fear on my mac?
Click to expand...

Not necessarily if it's a Java exploit. Best to assume it affects you anyway, that's what I'm doing.
 
So if I disable it in Chrome, my only browser, will I be ok? From what I understand as long as I'm not on a web page with affected ads I'm alright... Correct? And what if I use Adblock? I'm guessing it makes no difference, because that would be way too straightforward...

Oh and thanks for bringing this to our attention, Zoo, I would never have seen this otherwise.
 
TB
Except I, and hundreds of coworkers, need Java and no flavor of Java 7 works with the required software.

Rock.
Me.
Hard place.
Click to expand...

I use Avast free Antivirus and use Adblock Plus with this list:http://www.malwaredomains.com/ on Firefox and latest Java 6 version. Strong combination, had no web virus problems since and even if there is an attack Avast, stops website before it gets even a chance. Also got Comodo Firewall which makes combination even more stronger. This exploit should go away quite quickly I would expect but there probably will be many victims. Always good to update to latest flash version and Java whether 6 or 7.
 
Last edited:
I know why I block ads.

EDIT: Deactivated my Java plug-ins though.
It's seriously annoying...
 
Last edited:
Damnit. I'm on a new Windows 7 computer and I haven't installed Firefox and NoScript yet!









IE? Oh, come on, I'm not THAT stupid. I'm using Chrome.



Gdog96
How do I de-activate Java with chrome?
Click to expand...

Type "chrome://chrome/settings/content" in the address bar in a new tab, it'll take you to the content manager. Scroll down and it'll give you an option to disable Javascript. Then simply whitelist sites that you need it for.
 
niky
Type "chrome://chrome/settings/content" in the address bar in a new tab, it'll take you to the content manager. Scroll down and it'll give you an option to disable Javascript. Then simply whitelist sites that you need it for.
Click to expand...
It is regarding the Java plug-in which not all computers will have it installed. If you do, you can disable it on your web browser by address "chrome://plugins" and disabling Java on there.
 
Java and flash are the most useless plugins nowadays.

Unsecure like an open porch. Funniest is most online banking use it to verify your info, which begs me lots of questions. Even now there is a patch for Java, it will take less then a month to find a new loophole. It never was secure and never will, yet we do our banking stuff on it...
It's like doing your banking stuff on your iphone on a hotspot. Most hackable ever.

Java should finally die off in a ditch

EDIT: Wow, didn't take long, still not safe :lol: Rofl @ java
http://www.kb.cert.org/vuls/id/625617
 
Last edited:
I think they two updates so far but homeland security still says it's not good enough. Continuing to warn people about it and saying keep disabled. One story I was reading said the code being used to exploit these holes are selling for 15k on the "black market". Java also is the reason for the majority of virus' and spyware I forget the exact figure but like 38% than flash coming in second with like 15%. Still no known OSX attacks reported.
 

Latest Posts

Back