Blog
Rahul Thadani

How to avoid the latest Java 0-day vulnerability

August 30, 2012
46
Estimated reading time: 2 minutes

Java application software has always been extremely vulnerable due to its cross-platform nature. Exploits developed for this software platform can be used to affect various computer systems across diverse computing environments. Now, a new 0-day vulnerability is being exploited by attackers and this is causing mayhem across the computer security world.

What is the vulnerability?
This latest vulnerability (CVE-2012-4681) has the ability to execute malicious code on any device that has a Java plug-in enabled on a web browser. For the last few days this exploit has been used for targeted attacks but it is expected to become more widespread now as more attackers get their hands on the exploit kit.

What versions of Java are affected?
This vulnerability exploits all systems with Oracle’s Java runtime environment (JRE) 1.7 installed. This includes systems that have updates 0 to 6. A machine that has a lower version installed is not vulnerable. Most browsers have Java plug-ins enabled by default so this is what makes the threat a critical one.

What browsers are vulnerable?
Since this is a cross-platform threat all popular browsers are at risk. This includes all versions of Internet Explorer, Mozilla Firefox and Opera. Google Chrome that runs on Windows XP is also at risk as is Safari that runs on OS X 10.7.4.

People with Macs should not feel that they are invulnerable as this threat is similar to the Flashback malware that affected 600,000 Macs recently. That threat also exploited unpatched Java versions so everyone is at risk here.

What needs to be done?
Oracle only releases updates for Java once every 4 months and very rarely breaks this cycle. As of now the next update will only be available in October so it is imperative to take suitable action immediately. The best course of action one can take now is to disable the Java plug-in from each browser independently or to remove Java runtime completely. Here is what users of the various browsers can do to disable Java:

 

Web Browser

How to Disable Java

Google Chrome

  • Click on ‘Settings‘ under the Spanner option
  • Click on ‘Show Advanced Settings
  • Click on ‘Content Settings‘ under ‘Privacy
  • Scroll to ‘Plug-ins‘ and click on ‘Disable individual plug-ins
  • Disable the check box next to Java
  • If you do not see the Java box then Java is not installed on your machine.

Internet Explorer

  • Open Control Panel and launch the Java applet. If you cannot see it, switch to classic view or small icons view.
  • Click on the ‘Advanced‘ tab.
  • Expand the term ‘Default Java for browsers
  • Uncheck the box next to Internet Explorer.
  • If it does not get unchecked by clicking, select it and press the Space Bar.

Mozilla Firefox

Same process as Internet Explorer. The box that needs to be unchecked is ‘Mozilla family‘.

Opera

Type ‘about:config‘ in the address bar. Expand the Java section and then disable it from there.

NOTE: Do not confuse ‘Java’ with ‘Javascript’.

Google Chrome and Mozilla Firefox users can also use the click-to-play feature. This feature blocks any plug-in content from playing by default. It is not as effective as disabling the plug-in completely but it may just do the trick.

The Browser Sandbox feature in Quick Heal 2013 automatically protects users from such 0-day threats. In the interim period, users are requested to disable Java plug-ins from their browsers or to uninstall Java altogether.

Have something to add to this story? Share it in the comments.

Rahul Thadani
About Rahul Thadani
Rahul is a web enthusiast and blogger, and has been writing about the computer security industry for the last three years. Following the latest technology trends,...
Articles by Rahul Thadani »

46 Comments

Your email address will not be published.

CAPTCHA Image

  1. Excellent advice – I have removed the check marks as explained. Thanks.

    Reply
  2. Thank you for the clear instructions. Hope you’ll inform us when the threat passes (if it does??).

    Reply
  3. govind purohitAugust 30, 2012 at 6:41 PM

    thanks for this but there is confusion that some banking site dont run without java than wht
    plz advice

    Reply
    • Hi Govind,
      We suggest that you turn off Java for the browser that you use for your primary browsing. If you wish to visit a banking website you can open a separate browser just for that purpose. Hope this helps.

      Reply
  4. Some secure websites require Java plug-ins to open. How can that be done if Java is diabled. Please advise

    Reply
    • Hi Shila,
      We suggest that you turn off Java for the browser that you use for your primary browsing. If you wish to visit a website that specifically requires Java you can open a separate browser just for that purpose. But you should close the browser once you are done with that site. This is a temporary solution till Oracle fixes this Java vulnerability.

      Reply
  5. Aniruddha PatankarAugust 30, 2012 at 7:24 PM

    Thanx Sir

    Reply
  6. I tried for internet explorer using control panel, but was unable to disable java plug-in. please help.

    Reply
  7. If java is not installed than what to do???

    Reply
  8. Thank you for the latest info

    Reply
  9. Thnx a lot Rahul.!
    done as said..!!

    Reply
  10. i did as directed….bt still gt some issues!! 🙁

    Reply
  11. I am in-frequent user of the net. Still I have followed the advice. Is it necessary to re-boot the system after this change ?

    Reply
  12. I am unable to uncheck the box next to internet explorer in advanced settings of java in control panel. Please tell me if there’s any other way. does this threat stand if i visit a particular site or all sites with java enabled?

    Reply
  13. Not able to remove the check box, the system gives a message “Please check if you sufficient permissions to change system settings”. I am using Windows 7 Home Edition. Please suggest whats to be done.

    Reply
  14. panka kumar sinhaAugust 30, 2012 at 9:45 PM

    dear sir
    i have quick heal total security installed. Is it necessary to disable Java plug in

    Reply
  15. How do i know if the threat has already victimised my browser? I feel it has because i have already lost google chrome and it is displaying errors while i try to download and install it. Could you please tell me what symptoms this threat would cause, so that i be sure what has happened? And I would be highly obliged if you suggest something i can do.

    Reply
  16. Hi, it’s giving an error of insufficient permission whras im d admin 🙁 can u help plz!

    Reply
  17. LALIT ADHANAAugust 30, 2012 at 11:43 PM

    …….. THANKS FOR GIVEN SUGGESTOINS & IF ANY RELATED QUERY SOON INFRM USSSS !!!!!!!! THANKS ALOTTMENT FOR INSTRUCTIONS

    Reply
  18. Thanx for useful advise. vulnerability blocked.

    Reply
  19. thank you very much it was very useful information 🙂

    Reply
  20. thak u soo much

    Reply
  21. Perfect

    Reply
  22. Thanks for the help to remove Java.

    Reply
  23. Thank You, For, Mentioned Such Important Aspect Of “Java 0-day”…………!

    Reply
  24. THANKS….

    Reply
  25. Is there any threat to mobile users? If yes, how can I disable Java on my cellphone running Android OS and Firefox Browser?

    Reply
  26. Amit VikramAugust 31, 2012 at 10:56 AM

    I have already installed the latest version of Quicheal 2013 on my PC. Do I need to disable Java Plugins?

    Reply
  27. Nadeem AkhtarAugust 31, 2012 at 11:28 AM

    I have quick heal total security installed in my pc (XP), each page i open i get a message of the site you are visiting is dangerous. what is this and how can i stop it. even the home page of google is dangerous!!!

    Reply
    • Hi Nadeem,
      We suggest that you run a full system scan to see if your machine is not infected with any malware. Also, if you have not installed the latest service pack for Windows XP yet, you must do so immediately. This should solve your problem. Let us know if you need further assistance.

      Reply
  28. ranjeet kumarAugust 31, 2012 at 12:35 PM

    How do i know if the threat has already victimised my browser? I feel it has because i have already lost google chrome and it is displaying errors while i try to download and install it. Could you please tell me what symptoms this threat would cause, so that i be sure what has happened? And I would be highly obliged if you suggest something i can do.

    Reply
  29. Thanks alot For updating with with this Crucial UPDATE.Since it is the Mostly widely used.Your updates really help me alot also plz keep the weekly update feature to on since it gives a flashback for updated security.

    thanks once again Rahul.

    Reply
  30. Thanks a lot Rahul for your kind help…
    Regards
    ST :))

    Reply