After a massive Java 0-day vulnerability surfaced in August 2012, Oracle released an out-of-cycle update to combat the exploit. However, we advised our readers to simply disable Java on their web browsers to avoid the threat. Java has now become a highly vulnerable program that causes more trouble than it is worth and this is highlighted by the fact that yet another 0-day Java vulnerability has surfaced.
Apparently, this latest exploit was put up for sale over an anonymous underground forum where the seller invited bids and claimed that the kit would only be sold twice. It is believed that the reason behind this is if there are only 2 buyers, it will take a longer time for the code to be detected by system protection software agencies. However, one of the potential buyers leaked this information and this has the computing world racing to disable Java at the earliest. The exploit kit allows an attacker to plant malicious Java applets in websites. These applets then invade machines as drive-by downloads when an unsuspecting victim visits a compromised website.
A series of Java security holes
This piece of news follows close behind reports that Oracle just released a new security patch (Java 7 Update 11) a couple of days back. This patch was designed to combat a security flaw (CVE-2013-0422) that was being exploited by Blackhole and Nuclear Pack, 2 crimeware products that compete against each other. Blackhole recently informed its users that they had an undiscovered Java security hole which they would offer as a New Year’s present for their customers. Nuclear Pack soon made the same announcement and this prompted immediate action from Oracle to patch Java.
In the midst of all this, we recommend that you completely disable Java from the web browser that you use. Malware writers are creating threats against Java with an alarming regularity so you should only enable this program if it is absolutely essential. You can learn how to disable Java on various browsers through this post.
The confusion about ‘Java vs JavaScript’
One issue that seems to regularly crop up whenever a Java security hole is discovered is the differentiation between Java and JavaScript. Some people accidentally turn off JavaScript whereas some are left confused about the similar sounding names. To clarify, Java and JavaScript are not the same.
It is important to understand that JavaScript is basically a part of a web browser. It controls the look and functionality of certain pages and it remains embedded with the browser application at all times. On the other hand, Java is a program that runs independently from the browser. It allows other applications to function when the Internet is accessed. Additionally, Java leaves plug-ins (known as applets) in a system for this purpose. So, Java and JavaScript are completely different and should not be mixed up.
Quick Heal 2013 provides the Browser Sandbox feature that actively blocks 0-day threats. However, it is still recommended to disable Java completely to avoid such threats now and in the future.
12 Comments
A question over here.
I’am also a minor computer security expert and I’ve learnt that some Java Applets (actually Backdoors and Trojans) appear completely safe when scanned with Quick Heal Internet Security 2013. I’ve tested those applets on my own system and came to knew that Quick Heal does not alert the user the moment he downloads such files. Quick Heal only identifies the Trojan when a user runs a ‘Complete System Scan’ in his Computer. Many Users don’t usually come to know that they’ve come in contact with a Trojan and leave their system as it is and the hacker easily gets time to explore and exploit their entire system within that time.
A normal user can’t go on with repeatedly scanning his entire system throughout the time he is online. Therefore I request Quick Heal,Inc to come up with a solution for this vulnerability.
Many people won’t be reading your blogs and they may not be coming to know about this problem.
Hi Kanishk,
Thanks for your feedback. It has been passed to the necessary department. If possible, can you provide more details or some screenshots?
Regards.
Where should I mail the details to you?
Hi Kanishk,
Please visit this link – https://www.quickheal.co.in/submitticket.asp. You will have to enter some details under the ‘Sample file submission’ department to share the data that you have. We appreciate your help and your enthusiasm for the same.
Thanks and regards.
I read your comments about JAVA issues for PC and BOTNET threat for android. Can you help me to remove JAVA from home PC and suppport for andoid threat?
Hi Ajit,
Refer to this link to remove Java from your web browser – https://blogs.quickheal.com/how-to-avoid-latest-java-0-day-vulnerability/. For Android support, you can search for Quick Heal products on Google Play through your device and install it from there itself.
Regards.
Rahul,Used link information to remove JAVA. For android phone downloaded quickheal app.
Thank you
Glad to hear that Ajit. Thanks.
When I switched off PC today evening and and restarted PC windows starting system crashed. With help of HP tools available on laptop I could restart the system.
Thank you Rahul.Furtur please assist me.
Nice Differentiation for java and javascript
Thanks once again..