How to avoid the latest Java 0-day vulnerability
Java has always been an attractive target because of its cross-platform nature: an exploit written for the Java platform can be used against systems running many different operating systems and browsers. Now a new 0-day vulnerability is being actively exploited, and it is causing mayhem across the computer security world.
What is the vulnerability?
This latest vulnerability (CVE-2012-4681) allows malicious code to be executed on any device that has the Java plug-in enabled in a web browser. For the last few days the exploit has been used in targeted attacks, but it is expected to become far more widespread now that it has been added to an exploit kit and more attackers have access to it.
What versions of Java are affected?
This vulnerability affects all systems with Oracle's Java Runtime Environment (JRE) 1.7 installed, which includes updates 0 through 6. A machine with a lower version installed is not vulnerable. Most browsers have the Java plug-in enabled by default, which is what makes this threat a critical one.
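A quick way to triage hosts is to parse the banner printed by `java -version` and compare it with the affected range named above (JRE 1.7, updates 0 to 6). The following script is an added example and is not part of the original post; the banner strings are constructed samples, and `check_local_java` simply runs `java -version` on the machine it is executed on.

```python
import re
import subprocess

# Constructed sample banners, not captured from real hosts.
SAMPLE_BANNERS = {
    "jre7u6": 'java version "1.7.0_06"\nJava(TM) SE Runtime Environment (build 1.7.0_06-b24)\n',
    "jre7u0": 'java version "1.7.0"\nJava(TM) SE Runtime Environment (build 1.7.0-b147)\n',
    "jre6u33": 'java version "1.6.0_33"\nJava(TM) SE Runtime Environment (build 1.6.0_33-b03)\n',
}

# `java -version` prints e.g. java version "1.7.0_06"; the _update suffix is optional.
VERSION_RE = re.compile(r'(?:java|openjdk) version "(\d+)\.(\d+)\.(\d+)(?:_(\d+))?"')


def parse_java_version(banner):
    """Return (major, minor, patch, update) parsed from a version banner, or None."""
    match = VERSION_RE.search(banner)
    if not match:
        return None
    major, minor, patch, update = match.groups()
    return (int(major), int(minor), int(patch), int(update or 0))


def is_affected(version):
    """True if the version falls in the range the post names: JRE 1.7, update 0..6."""
    major, minor, _patch, update = version
    return (major, minor) == (1, 7) and 0 <= update <= 6


def check_local_java():
    """Run `java -version` on this host. Returns (version, affected) or None if unavailable."""
    try:
        proc = subprocess.run(["java", "-version"], capture_output=True, text=True, timeout=10)
    except (FileNotFoundError, subprocess.TimeoutExpired):
        return None
    version = parse_java_version(proc.stderr or proc.stdout)  # banner goes to stderr
    if version is None:
        return None
    return version, is_affected(version)


if __name__ == "__main__":
    for name, banner in SAMPLE_BANNERS.items():
        ver = parse_java_version(banner)
        print(name, ver, "AFFECTED" if is_affected(ver) else "not in affected range")
    print("local java:", check_local_java())
```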
What browsers are vulnerable?
Since this is a cross-platform threat, all popular browsers are at risk. This includes all versions of Internet Explorer, Mozilla Firefox and Opera. Google Chrome running on Windows XP is also at risk, as is Safari running on OS X 10.7.4.
Mac users should not assume they are safe: this threat is similar to the Flashback malware that recently infected 600,000 Macs. That threat also exploited unpatched Java versions, so everyone is at risk here.
What needs to be done?
Oracle releases updates for Java only once every 4 months and very rarely breaks this cycle. As of now the next scheduled update is not due until October, so it is imperative to take action immediately. The best course of action is to disable the Java plug-in in each browser independently, or to remove the Java runtime completely. Here is what users of the various browsers can do to disable Java:
Web Browser | How to Disable Java
Google Chrome |
Internet Explorer |
Mozilla Firefox | Same process as Internet Explorer. The box that needs to be unchecked is 'Mozilla family'.
Opera | Type 'about:config' in the address bar. Expand the Java section and then disable it from there.
NOTE: Do not confuse 'Java' with 'JavaScript'; only the Java plug-in needs to be disabled.
Google Chrome and Mozilla Firefox users can also use the click-to-play feature, which blocks all plug-in content from running until the user explicitly allows it. It is not as effective as disabling the plug-in completely, but it may just do the trick.
The Browser Sandbox feature in Quick Heal 2013 automatically protects users from such 0-day threats. In the interim, users are requested to disable the Java plug-in in their browsers or to uninstall Java altogether.