
Java Zero Day Exploits: Time to Stop the Madness!

You may have heard about a couple of new "Java Zero Day exploits" that caused a bit of a panic recently. Well, "new" is a relative term since Oracle apparently has known about the problem since April. They planned to address it with their regularly scheduled Java update in October, but their hand was forced when Computerworld reported that the exploits had been added to "Blackhole", a popular hacker's toolkit, and were being served up by hundreds of unique domains. (Computerworld, 8/29/12)

The problem was considered so serious that many experts, including Mozilla's team, recommended users disable the current version of Java. Not very helpful if you need to use sites that require Java in your browser and, by the way, that assumes the user knows how!

Oracle rushed out an unscheduled update for Java to deal with the threat but was embarrassed when issues were immediately discovered with the update. With egg on their corporate face, Oracle had to rush out a second update to deal with the problems. (Computerworld, 8/30/12)

Clearly we need to look for a new approach to protect ourselves from this madness. Haste makes waste, and bad software!

What exactly is the threat?

As with most Java vulnerabilities, this vulnerability is exploited via a browser applet. A Java applet is a small application written in the Java programming language that runs within your Web browser. Normally, it runs only within your browser.

If you are unlucky enough to browse to a site that serves you the Java exploit, it will trick your system into granting full access to your computer! It then downloads and executes malware that can wreak havoc on your computer and your life.

With full control, the exploit can do whatever it wants. It could delete everything on your hard drive. It could track your activities or enlist you in a botnet.

A botnet is a network of computers, known as zombies, that work together on nefarious activities. These could include sending spam, launching denial-of-service attacks to bring down web sites, and committing click fraud to inflate advertising revenue. This can be serious stuff, and the worst part is you may not even be aware that you are being used, other than your lousy computer performance.

Are you protected? Maybe not!

Most antivirus software only addresses viruses that have been identified and added to a so-called "blacklist" of known viruses. They will eventually update their blacklist for this specific issue, and when you get their latest update you will be OK, until the next Java exploit or virus is unleashed on the world.

You see, you are always running to stay ahead of the latest villain on the loose! Considering that there are an estimated 50,000 new malware threats unleashed every day, that is a lot of running.

I prefer antivirus systems that take a proactive approach, using a "whitelist" and sandbox technology. In this technique, the scanner compares programs to a "whitelist" of programs known to be valid. Any untrusted application is automatically sandboxed and run in an environment where it can do no harm to the user's computer. A sandbox is a restricted virtual operating environment for untrusted programs.

The result is that the malware that is downloaded runs in the sandbox, where it can't harm your computer. The end user is seamlessly protected against the threat AND can continue to use their browser without any interruption.
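To make the difference between the two approaches concrete, here is a small added example (not code from any antivirus product). It assumes programs are identified by their SHA-256 hash, and the sample "programs" are constructed byte strings standing in for real executables.

```python
import hashlib

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed samples: plain byte strings standing in for executables.
TRUSTED_APP = b"constructed sample: trusted word processor v1"
KNOWN_MALWARE = b"constructed sample: malware already catalogued"
NEW_EXPLOIT_PAYLOAD = b"constructed sample: payload nobody has seen yet"
TAMPERED_APP = TRUSTED_APP + b"\x00"  # trusted program with one byte appended

# Assumption: both lists hold file hashes (hypothetical, for illustration).
BLACKLIST = {sha256(KNOWN_MALWARE)}
WHITELIST = {sha256(TRUSTED_APP)}

def blacklist_verdict(program: bytes) -> str:
    """Default-allow: only programs already on the blacklist are stopped."""
    return "block" if sha256(program) in BLACKLIST else "run"

def whitelist_verdict(program: bytes) -> str:
    """Default-deny: known-good runs freely, anything unrecognized is sandboxed."""
    digest = sha256(program)
    if digest in BLACKLIST:
        return "block"
    if digest in WHITELIST:
        return "run"
    return "sandbox"

SAMPLES = {
    "trusted_app": TRUSTED_APP,
    "known_malware": KNOWN_MALWARE,
    "new_exploit": NEW_EXPLOIT_PAYLOAD,
    "tampered_app": TAMPERED_APP,
}

def compare(samples: dict) -> dict:
    """Return {name: (blacklist verdict, whitelist verdict)} for each sample."""
    return {name: (blacklist_verdict(data), whitelist_verdict(data))
            for name, data in samples.items()}

if __name__ == "__main__":
    for name, (bl, wl) in compare(SAMPLES).items():
        print(f"{name:<14} blacklist={bl:<6} whitelist={wl}")
```

The payload that is on nobody's blacklist yet runs freely under the blacklist policy but lands in the sandbox under the whitelist policy, and so does a trusted program that has been altered by even one byte.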

It is also critical to make sure that any web site where you exchange personal information, such as an e-Commerce site, is running the Secure Sockets Layer (SSL). SSL creates a secured, encrypted connection between the web server and your browser.

In addition, check to make sure that the site is using an SSL Certificate. The certificate authenticates for your browser that the web site can be trusted.

To protect yourself from Java Exploits and other malware, use the best antivirus and firewall software and make sure that you only exchange information with web sites that use SSL Certificates.

