Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: Exploit:Java/CVE-2011-3544

by: raduzhok January 22, 2013 11:08 AM PST

Like this

0 people like this thread

Staff pick

Resolved question

Exploit:Java/CVE-2011-3544

by raduzhok - 1/22/13 11:08 AM

I installed the newest update (when prompted by a Java update icon in system tray). The system is an eMachines XP. I was told it installed successfully. Afterward, when the computer user tried to access a yahoo game, a pop-up which had "security warning" on top, (which I've never seen happen on his system previously), appeared, asking permission for a program change info on the computer. He gave it permission, which stopped the pop-up, but when I scanned his computer with Microsoft Security Essentials, "Exploit:Java/CVE-2011-3544" was found. I clicked to remove it as was suggest by the SE scan results, but the window has appeared again, this time when trying to access another game.

Is this exploit from the current Java update? Is there any way to get rid of it?


raduzhok has chosen the best answer to his/her question!
Click here to view the answer that was selected.

Answer This
Ask for clarification
Report offensive post
Email to friend
Answers
Answer Best answer as chosen by user raduzhok

No.

by R. Proffitt Moderator - 1/22/13 11:49 AM

In Reply to: Exploit:Java/CVE-2011-3544 by raduzhok

The current Java came out and in hours the reports came in with 2 more exploits. You either have to accept the risk or uninstall Java until the next version comes out.
Bob


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend
Answer Best answer as chosen by user raduzhok

Another Possibility....

by Grif Thomas Moderator - 1/22/13 5:40 PM

In Reply to: Exploit:Java/CVE-2011-3544 by raduzhok

The newest version of Java has elevated its security to "High" (it was "medium" before) which causes your browser's security system to ask for permission to use the Java applet within the webpage.. So far, on a couple of the websites I visit, which require Java, I've been asked for a similar permissions request ... But, I don't use Microsoft Security Essentials and therefor, I'm not seeing the "Exploit:Java/CVE-2011-3544" warning here...

As such, much like Bob states in his post, you'll need to decide whether to accept the risk, or not play the games.. It might also be possible to remove the original "permissions" request by opening the Java panel in Control Panel, select the "Security" tab, then change the setting from "High" to "Medium" (recognize it's not the safest thing to do).....but I still believe Security Essentials will identify the exploit and block its use... If you still think it's safe although I wouldn't, you might be able to change the Security Essentials' settings to "allow" the detection.

Hope this helps.

Grif


Was this reply helpful? (1)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Which is the latest update?

by raduzhok - 1/27/13 6:47 PM

In Reply to: Another Possibility.... by Grif Thomas Moderator

Thank you Grif for your response. I note that I currently am running V7update9 of Java. Have there been newer updates since that update was issued? The machine which was updated began showing 'security warning' windows after Java was updated. I'll check with the people who installed Security Essentials to find out if the 'warning' is actually from MSE or the exploit itself.
At present, I have not chosen to upgrade until I hear that java released a fully secure update.


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Not Grif but.. in regard to Exploit:Java/CVE-2011-3544

by Carol~ Moderator - 1/28/13 10:31 AM

In Reply to: Which is the latest update? by raduzhok

' I note that I currently am running V7update9 of Java. Have there been newer updates since that update was issued?

The latest release was Java 7u11. More about it below.

I don't know if you found where the warning came from (with 7u9 installed), but have a look at what Microsoft has to say about Exploit:Java/CVE-2011-3544 . Scroll down to "Recovery" at the bottom, where you will read:

'To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat: Microsoft Security Essentials or, for Windows 8, Windows Defender''

Update vulnerable Java applications

This threat exploits a known vulnerability in Java. After removing this threat, make sure that you install the updates available from the vendor. You can read more about this vulnerability in Java, as well as where to download the software update from the following links:

CVE-2011-3544
Java Download'

My guess would be .. MSE is detecting the vulnerable update. Be it 7u9 or possibly 7u11.

Also see "Protecting Users Against Java Vulnerability" at the Mozilla Security Blog, where it states:

"Mozilla is extending Click to Play for Java 7u11 due to reports of exploit code available for 7u11 and information that all elements of the original Java bug have not been fully addressed by Oracle in the 7u11 patch."

""The Click To Play feature ensures that the Java plugin will not load unless a user specifically clicks to enable the plugin. This protects users against drive-by exploitation, one of the most common exploit techniques used to compromise vulnerable users. Click To Play also allows users to enable the Java plugin on a per-site basis if they absolutely need the Java plugin for the site."

You stated you had chosen not to upgrade until you hear Java released a fully secure update. As has been noted here and elsewhere, shortly after Java 7u11 was released, the update was reported as "broken and incomplete". Will it ever be fully secure?

Carol


Was this reply helpful? (1)   (0)

Staff pick

Reply
Report offensive post
Email to friend

FYI: 'Understanding the new security in Java 7 Update 11'

by Carol~ Moderator - 1/28/13 11:07 AM

In Reply to: Not Grif but.. in regard to Exploit:Java/CVE-2011-3544 by Carol~ Moderator

The below touches on the elevated security level Grif alluded to, in addition to other aspects of the update.

Understanding the new security in Java 7 Update 11

http://blogs.computerworld.com/cybercrime-and-hacking/21664/understanding-new-security-java-7-update-11

And then there's......

Oracle's Java Chief Promises to "Fix" Java

End of Java "talk" happy


Was this reply helpful? (1)   (0)

Staff pick

Reply
Report offensive post
Email to friend

(NT) Thanks Carol, Yep, Newest Is Java 7 Update 11

by Grif Thomas Moderator - 1/28/13 11:35 AM

In Reply to: Which is the latest update? by raduzhok


Was this reply helpful? (1)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close

You are requesting a clarification of the question: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Submit Clarification Request Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close

You are posting an answer to the question: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Submit Answer Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close
close

Click here to be notified via e-mail when someone submits an answer.

Would you like to resolve this question? close

Based on your response, it looks like this question has been answered.



Sorry, there was a problem resolving this question. Please try again.

Resolve Leave unresolved