Exploit:JAVA/CVE-2010-4454 is back and can bypass Malwarebytes firewall and Microsoft Security Essentials firewall.

Running Malwarebytes full scan revealed nothing. Running Microsoft Security Essentials full scan did find the Trojan and removed it.

Sends out spam emails using your email address; screws up the operation and speed of your computer also.

I notified Malware but they said to put it on this forum site and I don't know what good that will do because the owners of this malicious malware have learned how to bypass the new firewalls, so this is something the Security division is going to have to fix.


MBAM and MSE are not Firewall applications.

Firewall applications are software, or run on appliances, used to block sites and TCP and UDP protocols based upon rules-based criteria.

MBAM doesn't target .CLASS files and doesn't extract files from archive files such as RAR, ZIP, LZH, 7z, CHM, etc.

Malicious .CLASS files are Java and exist in Java Jars, which are ZIP files but with the extension .JAR.

What do you mean "I notified Malware"??? That doesn't make any sense.

The Java exploit code represented in the detection "Exploit:JAVA/CVE-2010-4454" means that a web site was hosting a malicious Java Jar that exploits CVE-2010-4454 and is usually associated with what is called the "Black Hole Exploit Kit". The Black Hole Exploit Kit is a set of software someone with malicious intent can use to put on a web site to get you infected. The web site could be set up deliberately to be malicious or could be a legitimate site that was compromised that has had code placed on the server to redirect you to a site deliberately being malicious. It could be a site you visit or a site sent to you in email.

Right off the bat when you look at the vulnerability name "CVE-2010-4454" one can tell this vulnerability was found in 2010. That means there is a strong likelihood that an updated version of Oracle Java was released to mitigate this vulnerability.

The Black Hole Exploit Kit uses multiple vulnerabilities, searching for one on your computer that has not been patched yet. This includes Adobe PDF, Adobe Flash and Oracle Java. What this means is that not only must you make sure the OS your computer runs is up-to-date in all patches, but you must make sure ALL the software on your PC is up-to-date. For example, the latest Adobe Reader is v10.1.2 and Oracle Java is at version 7 update 3 (or version 6 update 31). If that software resides on your computer and is an older version, then your PC is not up-to-date, leaving your computer "At Risk" to such malicious activity as the Black Hole Exploit Kit.
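The point in the reply above about .CLASS files living inside ZIP-format Jars, as an added example that is not part of the original post: a scanner that does not unpack archives sees only the ZIP container signature, while unpacking reveals each class file and the Java release it was compiled for. The sample Jar and all function names are constructed for illustration.

```python
import io
import struct
import zipfile

CLASS_MAGIC = b"\xca\xfe\xba\xbe"  # first four bytes of every compiled .class file
# Class-file major version -> Java release that introduced it.
MAJOR_TO_RELEASE = {48: "1.4", 49: "5", 50: "6", 51: "7"}

def build_sample_jar() -> bytes:
    """Constructed, harmless sample: a small JAR built in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as jar:
        jar.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\r\n")
        # Header only: magic, minor version 0, then the major version.
        jar.writestr("demo/Main.class", CLASS_MAGIC + struct.pack(">HH", 0, 50))
        jar.writestr("demo/Helper.class", CLASS_MAGIC + struct.pack(">HH", 0, 49))
        jar.writestr("demo/Broken.class", b"\x00\x01")  # named .class, not a class
        jar.writestr("readme.txt", "plain text")
    return buf.getvalue()

def container_signature(data: bytes) -> bytes:
    """The leading bytes a scanner sees if it does not unpack the archive."""
    return data[:4]

def list_class_entries(jar_bytes: bytes):
    """Unpack the JAR and return (name, release or None) for each .class entry."""
    stream = io.BytesIO(jar_bytes)
    if not zipfile.is_zipfile(stream):
        raise ValueError("not a ZIP container, so not a JAR")
    entries = []
    with zipfile.ZipFile(stream) as jar:
        for info in jar.infolist():
            if info.is_dir() or not info.filename.lower().endswith(".class"):
                continue
            with jar.open(info) as member:
                header = member.read(8)
            release = None  # None marks an entry without a valid class header
            if len(header) == 8 and header.startswith(CLASS_MAGIC):
                major = struct.unpack(">H", header[6:8])[0]
                release = MAJOR_TO_RELEASE.get(major, "major %d" % major)
            entries.append((info.filename, release))
    return entries

if __name__ == "__main__":
    jar = build_sample_jar()
    print(container_signature(jar), list_class_entries(jar))
```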


  • Root Admin

More than likely this will correct your issue; however, if you are infected or think you may be infected then you should seek assistance with malware detection and removal instead.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

Download the latest version of Java Runtime Environment (JRE) 6 and Save it to your Desktop.

http://www.oracle.co...oads/index.html

Scroll down to where it says Java SE 6 Update 31

Click the Download button under JRE to the right.

Read the License Agreement then select Accept License Agreement

Click on the link to download Windows x86 Offline and save the file to your desktop.

Close any programs you may have running - especially your web browser.

Go to Start > Control Panel, double-click on Add or Remove Programs and remove all older versions of Java.

Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java™ 6) in the name.

Click the Remove or Change/Remove button.

Repeat as many times as necessary to remove each Java version.

Reboot your computer once all Java components are removed.

Then from your desktop double-click on jre-6u31-windows-i586.exe to install the newest version.

After the install is complete, go into the Control Panel (using Classic View) and double-click the Java icon (looks like a coffee cup).

On the General tab, under Temporary Internet Files, click the Settings button.

Next, click on the Delete Files button

There are two options in the window to clear the cache - Leave BOTH Checked

Applications and Applets

Trace and Log Files

Click OK on Delete Temporary Files Window

Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.

Click OK to leave the Temporary Files Window

Click OK to leave the Java Control Panel.
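A way to check the result of the steps above across an inventory of installed programs, as an added example that is not part of the original post: it parses Java display names and `1.x.0_uu` version strings and compares them with the versions the thread names as current (Java 7 Update 3 and Java 6 Update 31). The sample entries and function names are constructed, and the display-name patterns are an assumption about how the entries are worded.

```python
import re

# Baseline from the thread, current at the time of the posts.
BASELINE = {6: 31, 7: 3}

# Display names such as "Java(TM) 6 Update 29" (assumed wording).
_NAME = re.compile(
    r"(?:Java(?:\(TM\))?|J2SE Runtime Environment)\s+(\d+)(?:\.\d+)?"
    r"(?:\s+Update\s+(\d+))?", re.IGNORECASE)
# Version strings such as 1.6.0_29, as printed by `java -version`.
_VERSION = re.compile(r"\b1\.(\d+)\.\d+(?:_(\d+))?")

def parse_java_version(text):
    """Return (family, update) for a Java entry, or None if it is not one."""
    m = _VERSION.search(text) or _NAME.search(text)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2) or 0)

def audit(entries):
    """Label each entry 'current', 'outdated', 'newer' or 'not-java'."""
    result = {}
    for entry in entries:
        parsed = parse_java_version(entry)
        if parsed is None:
            result[entry] = "not-java"
            continue
        family, update = parsed
        if family > max(BASELINE):
            result[entry] = "newer"  # released after the thread's baseline
        elif family in BASELINE and update >= BASELINE[family]:
            result[entry] = "current"
        else:
            result[entry] = "outdated"  # old update, or a family older than 6
    return result

# Constructed sample inventory.
SAMPLE = [
    "Java(TM) 6 Update 29",
    "Java(TM) 7 Update 3",
    "J2SE Runtime Environment 5.0 Update 22",
    'java version "1.6.0_31"',
    "Java Auto Updater",
    "Adobe Reader X (10.1.2)",
]

if __name__ == "__main__":
    for name, status in audit(SAMPLE).items():
        print(status.ljust(9), name)
```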
