Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Question

Exploit:Java/CVE-2011-3544

by Jan 22, 2013 3:08AM PST

I installed the newest update (when prompted by a Java update icon in system tray). The system is an eMachines XP. I was told it installed successfully. Afterward, when the computer user tried to access a yahoo game, a pop-up which had "security warning" on top, (which I've never seen happen on his system previously), appeared, asking permission for a program change info on the computer. He gave it permission, which stopped the pop-up, but when I scanned his computer with Microsoft Security Essentials, "Exploit:Java/CVE-2011-3544" was found. I clicked to remove it as was suggest by the SE scan results, but the window has appeared again, this time when trying to access another game.

Is this exploit from the current Java update? Is there any way to get rid of it?

Discussion is locked

6 Posts
- Collapse + Expand Details
- Collapse -
Answer
No.
by Forum moderator Jan 22, 2013 3:49AM PST

The current Java came out and in hours the reports came in with 2 more exploits. You either have to accept the risk or uninstall Java until the next version comes out.
Bob

- Collapse -
Answer
Another Possibility....
by Forum moderator Jan 22, 2013 9:40AM PST

The newest version of Java has elevated its security to "High" (it was "medium" before) which causes your browser's security system to ask for permission to use the Java applet within the webpage.. So far, on a couple of the websites I visit, which require Java, I've been asked for a similar permissions request ... But, I don't use Microsoft Security Essentials and therefor, I'm not seeing the "Exploit:Java/CVE-2011-3544" warning here...

As such, much like Bob states in his post, you'll need to decide whether to accept the risk, or not play the games.. It might also be possible to remove the original "permissions" request by opening the Java panel in Control Panel, select the "Security" tab, then change the setting from "High" to "Medium" (recognize it's not the safest thing to do).....but I still believe Security Essentials will identify the exploit and block its use... If you still think it's safe although I wouldn't, you might be able to change the Security Essentials' settings to "allow" the detection.

Hope this helps.

Grif

- Collapse -
Which is the latest update?
by raduzhok Jan 27, 2013 10:47AM PST

Thank you Grif for your response. I note that I currently am running V7update9 of Java. Have there been newer updates since that update was issued? The machine which was updated began showing 'security warning' windows after Java was updated. I'll check with the people who installed Security Essentials to find out if the 'warning' is actually from MSE or the exploit itself.
At present, I have not chosen to upgrade until I hear that java released a fully secure update.

- Collapse -
Not Grif but.. in regard to Exploit:Java/CVE-2011-3544
by Carol~ Jan 28, 2013 2:31AM PST

' I note that I currently am running V7update9 of Java. Have there been newer updates since that update was issued?

The latest release was Java 7u11. More about it below.

I don't know if you found where the warning came from (with 7u9 installed), but have a look at what Microsoft has to say about Exploit:Java/CVE-2011-3544 . Scroll down to "Recovery" at the bottom, where you will read:

'To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat: Microsoft Security Essentials or, for Windows 8, Windows Defender''

Update vulnerable Java applications

This threat exploits a known vulnerability in Java. After removing this threat, make sure that you install the updates available from the vendor. You can read more about this vulnerability in Java, as well as where to download the software update from the following links:

CVE-2011-3544
Java Download'

My guess would be .. MSE is detecting the vulnerable update. Be it 7u9 or possibly 7u11.

Also see "Protecting Users Against Java Vulnerability" at the Mozilla Security Blog, where it states:

"Mozilla is extending Click to Play for Java 7u11 due to reports of exploit code available for 7u11 and information that all elements of the original Java bug have not been fully addressed by Oracle in the 7u11 patch."

""The Click To Play feature ensures that the Java plugin will not load unless a user specifically clicks to enable the plugin. This protects users against drive-by exploitation, one of the most common exploit techniques used to compromise vulnerable users. Click To Play also allows users to enable the Java plugin on a per-site basis if they absolutely need the Java plugin for the site."

You stated you had chosen not to upgrade until you hear Java released a fully secure update. As has been noted here and elsewhere, shortly after Java 7u11 was released, the update was reported as "broken and incomplete". Will it ever be fully secure?

Carol

- Collapse -
FYI: 'Understanding the new security in Java 7 Update 11'
by Carol~ Jan 28, 2013 3:07AM PST
- Collapse -
(NT) Thanks Carol, Yep, Newest Is Java 7 Update 11
by Grif Thomas Forum moderator Jan 28, 2013 3:35AM PST
Back to Spyware, Viruses, & Security forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info