Java application software has always been extremely vulnerable due to its cross-platform nature. Exploits developed for this software platform can be used to affect various computer systems across diverse computing environments. Now, a new 0-day vulnerability is being exploited by attackers and this is causing mayhem across the computer security world.
What is the vulnerability?
This latest vulnerability (CVE-2012-4681) has the ability to execute malicious code on any device that has a Java plug-in enabled on a web browser. For the last few days this exploit has been used for targeted attacks but it is expected to become more widespread now as more attackers get their hands on the exploit kit.
What versions of Java are affected?
This vulnerability exploits all systems with Oracle’s Java runtime environment (JRE) 1.7 installed. This includes systems that have updates 0 to 6. A machine that has a lower version installed is not vulnerable. Most browsers have Java plug-ins enabled by default so this is what makes the threat a critical one.
What browsers are vulnerable?
Since this is a cross-platform threat all popular browsers are at risk. This includes all versions of Internet Explorer, Mozilla Firefox and Opera. Google Chrome that runs on Windows XP is also at risk as is Safari that runs on OS X 10.7.4.
People with Macs should not feel that they are invulnerable as this threat is similar to the Flashback malware that affected 600,000 Macs recently. That threat also exploited unpatched Java versions so everyone is at risk here.
What needs to be done?
Oracle only releases updates for Java once every 4 months and very rarely breaks this cycle. As of now the next update will only be available in October so it is imperative to take suitable action immediately. The best course of action one can take now is to disable the Java plug-in from each browser independently or to remove Java runtime completely. Here is what users of the various browsers can do to disable Java:
Web Browser |
How to Disable Java |
Google Chrome |
|
Internet Explorer |
|
Mozilla Firefox |
Same process as Internet Explorer. The box that needs to be unchecked is ‘Mozilla family‘. |
Opera |
Type ‘about:config‘ in the address bar. Expand the Java section and then disable it from there. |
NOTE: Do not confuse ‘Java’ with ‘Javascript’.
Google Chrome and Mozilla Firefox users can also use the click-to-play feature. This feature blocks any plug-in content from playing by default. It is not as effective as disabling the plug-in completely but it may just do the trick.
The Browser Sandbox feature in Quick Heal 2013 automatically protects users from such 0-day threats. In the interim period, users are requested to disable Java plug-ins from their browsers or to uninstall Java altogether.
46 Comments
Excellent advice – I have removed the check marks as explained. Thanks.
Thank you for the clear instructions. Hope you’ll inform us when the threat passes (if it does??).
thanks for this but there is confusion that some banking site dont run without java than wht
plz advice
Hi Govind,
We suggest that you turn off Java for the browser that you use for your primary browsing. If you wish to visit a banking website you can open a separate browser just for that purpose. Hope this helps.
Some secure websites require Java plug-ins to open. How can that be done if Java is diabled. Please advise
Hi Shila,
We suggest that you turn off Java for the browser that you use for your primary browsing. If you wish to visit a website that specifically requires Java you can open a separate browser just for that purpose. But you should close the browser once you are done with that site. This is a temporary solution till Oracle fixes this Java vulnerability.
Thanx Sir
I tried for internet explorer using control panel, but was unable to disable java plug-in. please help.
Hi Dhagash,
You should select the ‘Internet Explorer’ option and then press the space bar on your keyboard. This will uncheck the box.
If java is not installed than what to do???
Hi Jivan,
Then you do not have to worry about this threat.
Thank you for the latest info
Thnx a lot Rahul.!
done as said..!!
i did as directed….bt still gt some issues!! 🙁
Hi Nikhil,
This is only a temporary fix. The matter can only be resolved once Oracle fixes the Java vulnerability. If you need further help, kindly visit this link – https://www.quickheal.com/supp_tic.asp.
I am in-frequent user of the net. Still I have followed the advice. Is it necessary to re-boot the system after this change ?
Hi Vilas,
No you will not need to reboot the system after you make this change.
I am unable to uncheck the box next to internet explorer in advanced settings of java in control panel. Please tell me if there’s any other way. does this threat stand if i visit a particular site or all sites with java enabled?
Hi Rahul,
You need to select the box next to Internet Explorer and then press the space bar on your keyboard. This will uncheck the box.
Thanks.
Not able to remove the check box, the system gives a message “Please check if you sufficient permissions to change system settings”. I am using Windows 7 Home Edition. Please suggest whats to be done.
Hi Apurva,
This is a common problem. We recommend that you contact our support center. You can either visit this link – https://www.quickheal.com/supp_tic.asp. Or you can call us at 927-22-33-000.
Thanks for the patience.
dear sir
i have quick heal total security installed. Is it necessary to disable Java plug in
Hi Pankaj,
Yes, it is still advisable to disable the Java plug-in for now.
Thanks.
How do i know if the threat has already victimised my browser? I feel it has because i have already lost google chrome and it is displaying errors while i try to download and install it. Could you please tell me what symptoms this threat would cause, so that i be sure what has happened? And I would be highly obliged if you suggest something i can do.
Hi Guroo,
It cannot be confirmed that your browser has been attacked without more details. Kindly visit this link – https://www.quickheal.com/supp_tic.asp. Our support team will aid you with this.
Thanks.
Hi, it’s giving an error of insufficient permission whras im d admin 🙁 can u help plz!
Hi Ria,
This is a common problem. We recommend that you contact our support center. You can either visit this link – https://www.quickheal.com/supp_tic.asp. Or you can call us at 927-22-33-000.
Thanks for the patience.
…….. THANKS FOR GIVEN SUGGESTOINS & IF ANY RELATED QUERY SOON INFRM USSSS !!!!!!!! THANKS ALOTTMENT FOR INSTRUCTIONS
Thanx for useful advise. vulnerability blocked.
thank you very much it was very useful information 🙂
thak u soo much
Perfect
Thanks for the help to remove Java.
Thank You, For, Mentioned Such Important Aspect Of “Java 0-day”…………!
THANKS….
Is there any threat to mobile users? If yes, how can I disable Java on my cellphone running Android OS and Firefox Browser?
Hi Ejaz,
As of now there is no threat to mobile users. We will inform our readers of the same if it arises.
Thanks.
I have already installed the latest version of Quicheal 2013 on my PC. Do I need to disable Java Plugins?
Hi Amit,
Yes, you will need to disable the Java plug-ins too.
I have quick heal total security installed in my pc (XP), each page i open i get a message of the site you are visiting is dangerous. what is this and how can i stop it. even the home page of google is dangerous!!!
Hi Nadeem,
We suggest that you run a full system scan to see if your machine is not infected with any malware. Also, if you have not installed the latest service pack for Windows XP yet, you must do so immediately. This should solve your problem. Let us know if you need further assistance.
How do i know if the threat has already victimised my browser? I feel it has because i have already lost google chrome and it is displaying errors while i try to download and install it. Could you please tell me what symptoms this threat would cause, so that i be sure what has happened? And I would be highly obliged if you suggest something i can do.
Hi Ranjeet,
It cannot be confirmed that your browser has been attacked without more details. Kindly visit this link – https://www.quickheal.com/supp_tic.asp. Our support team will aid you with this.
Thanks.
Thanks alot For updating with with this Crucial UPDATE.Since it is the Mostly widely used.Your updates really help me alot also plz keep the weekly update feature to on since it gives a flashback for updated security.
thanks once again Rahul.
Hi Sameer,
Thanks for your support and regular readership. We appreciate it. We will be continuing with the weekly update feature.
Thanks a lot Rahul for your kind help…
Regards
ST :))