Spyware, Viruses, & Security forum

Question

Exploit:Java/CVE-2011-3544

by raduzhok / January 22, 2013 3:08 AM PST

I installed the newest update (when prompted by a Java update icon in the system tray). The system is an eMachines XP. I was told it installed successfully. Afterward, when the computer user tried to access a Yahoo game, a pop-up which had "security warning" on top (which I've never seen happen on his system previously) appeared, asking permission for a program to change info on the computer. He gave it permission, which stopped the pop-up, but when I scanned his computer with Microsoft Security Essentials, "Exploit:Java/CVE-2011-3544" was found. I clicked to remove it as was suggested by the SE scan results, but the window has appeared again, this time when trying to access another game.

Is this exploit from the current Java update? Is there any way to get rid of it?

All Answers

Answer
No.
by R. Proffitt Forum moderator / January 22, 2013 3:49 AM PST

The current Java came out and in hours the reports came in with 2 more exploits. You either have to accept the risk or uninstall Java until the next version comes out.
Bob

Answer
Another Possibility....
by Grif Thomas Forum moderator / January 22, 2013 9:40 AM PST

The newest version of Java has elevated its security to "High" (it was "medium" before) which causes your browser's security system to ask for permission to use the Java applet within the webpage. So far, on a couple of the websites I visit, which require Java, I've been asked for a similar permissions request ... But, I don't use Microsoft Security Essentials and therefore, I'm not seeing the "Exploit:Java/CVE-2011-3544" warning here...

As such, much like Bob states in his post, you'll need to decide whether to accept the risk, or not play the games. It might also be possible to remove the original "permissions" request by opening the Java panel in Control Panel, select the "Security" tab, then change the setting from "High" to "Medium" (recognize it's not the safest thing to do)... but I still believe Security Essentials will identify the exploit and block its use... If you still think it's safe, although I wouldn't, you might be able to change the Security Essentials' settings to "allow" the detection.

Hope this helps.

Grif

Which is the latest update?
by raduzhok / January 27, 2013 10:47 AM PST

Thank you, Grif, for your response. I note that I currently am running V7update9 of Java. Have there been newer updates since that update was issued? The machine which was updated began showing 'security warning' windows after Java was updated. I'll check with the people who installed Security Essentials to find out if the 'warning' is actually from MSE or the exploit itself.
At present, I have not chosen to upgrade until I hear that Java released a fully secure update.

Not Grif but.. in regard to Exploit:Java/CVE-2011-3544
by Carol~ Forum moderator / January 28, 2013 2:31 AM PST

"I note that I currently am running V7update9 of Java. Have there been newer updates since that update was issued?"

The latest release was Java 7u11. More about it below.

I don't know if you found where the warning came from (with 7u9 installed), but have a look at what Microsoft has to say about Exploit:Java/CVE-2011-3544. Scroll down to "Recovery" at the bottom, where you will read:

"To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat: Microsoft Security Essentials or, for Windows 8, Windows Defender

Update vulnerable Java applications

This threat exploits a known vulnerability in Java. After removing this threat, make sure that you install the updates available from the vendor. You can read more about this vulnerability in Java, as well as where to download the software update from the following links:

CVE-2011-3544
Java Download"

My guess would be .. MSE is detecting the vulnerable update. Be it 7u9 or possibly 7u11.

Also see "Protecting Users Against Java Vulnerability" at the Mozilla Security Blog, where it states:

"Mozilla is extending Click to Play for Java 7u11 due to reports of exploit code available for 7u11 and information that all elements of the original Java bug have not been fully addressed by Oracle in the 7u11 patch."

"The Click To Play feature ensures that the Java plugin will not load unless a user specifically clicks to enable the plugin. This protects users against drive-by exploitation, one of the most common exploit techniques used to compromise vulnerable users. Click To Play also allows users to enable the Java plugin on a per-site basis if they absolutely need the Java plugin for the site."

You stated you had chosen not to upgrade until you hear Java released a fully secure update. As has been noted here and elsewhere, shortly after Java 7u11 was released, the update was reported as "broken and incomplete". Will it ever be fully secure?

Carol

FYI: 'Understanding the new security in Java 7 Update 11'
by Carol~ Forum moderator / January 28, 2013 3:07 AM PST

(NT) Thanks Carol, Yep, Newest Is Java 7 Update 11
by Grif Thomas Forum moderator / January 28, 2013 3:35 AM PST