Jump to content

Does Malwarebytes protect against drive by download Java vulnerabilities?


Recommended Posts

Java 1.6 and now 1.7 both have some pretty serious vulnerabilities. I'm curious if Malwarebytes Pro protects against the those as well as the 1.7 recently realized exploit. Does it?

Here is some dirt on the 1.7 vulnerability:

https://isc.sans.edu/diary.html?storyid=13984&rss

http://www.deependresearch.org/2012/08/java-7-0-day-vulnerability-information.html

Below was copied from deependresearch.org:

6. If the exploit is successful, it downloads and executes a malicious binary, which calls to another IP address/domain
hello.icon.pk / 223.25.233.244

Malware behavior and indicators

Payload: : hi.exe Size: 16896

MD5: 4A55BF1448262BF71707EEF7FC168F7D


  1. Legitimate Portable Media Serial Number Service
    MsPMSNSv.dll
    is deleted from C\WINDOWS\system32


  2. Malicious
    mspmsnsv.dll
    is copied to C\WINDOWS\system32


  3. "Portable Media Serial Number Service" (WmdmPmSN in the registry) is running.

https://www.virustotal.com/file/09d10ae0f763e91982e1c276aad0b26a575840ad986b8f53553a4ea0a948200f/analysis/

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.