eScan – how to protect a PC against hacker attacks via unpatched vulnerabilities Oracle Java
Recall, August 27, 2012 the company FireEye researchers reported in his blog about the dangerous gaps in the Java Runtime Environment (JRE) 1.7 – runtime Java.
Vulnerabilities, the current platforms Microsoft Windows, Mac OS X and Linux, was given the name CVE-2012-4681. Vulnerability CVE-2012-4681 is widely used by hackers – a few hours in the hacker’s arsenal came the latest updates the most popular sets of exploits, including an exploit and under CVE-2012-4681.
In view of the seriousness of the problem, Oracle has released an extraordinary patch covering a specified gap. However, immediately after this, experts of the Polish company Security Explorations reported that in Java with the latest patch there is another serious vulnerability, currently remain open. Exploiting the new hole, the hacker is able to bypass the sandbox the Java Virtual Machine to execute arbitrary code on the computer.
Prior to the appropriate “pay” users can be useful special recommendation of experts eScan to prevent attacks via unpatched vulnerabilities Java:
“A radical method of protection is removing the products from the Java computer systems – eScan board of experts in Russia and the CIS. – However, not all companies and home users have the opportunity, because they use the software running on the basis of JRE, such as programs GoToMeeting, Webex and Elluminate. In this case, the best solution – is to disable Java plug-in Web browser. “
Instructions on how to disable Java plug-in the most popular browsers
- disable Java plug-in in Firefox
By default, Firefox allows automatic launch Java-applets. However, you may decide you do not want to allow running Java-applets. To disable the Firefox Java-applets:
At the top of the Firefox window, click Firefox (Tools menu in Windows XP), and then select Add-ons. It will be a tab Revisions.
Revisions tab, select the Plugins panel.
Click on the Java (TM) Platform plugin, to select it.
Click Disable (if the Enable button is called, then Java is disabled).
Java-applet no longer be allowed to run in Firefox.
- disable Java plug-in Google Chrome
By default, all the plug-ins are allowed (except for those that Google Chrome determines to be obsolete). In the dialog box “content settings” to block specific plug-ins. Here’s how to do it:
Click the wrench icon on Configuration and Management and select Settings.
Click More Settings.
In the “Personal Information”, click Settings content.
In the “Plugins” select “Block All”. To configure exceptions for individual sites, click Exceptions ….
- disable Java plug-in in Safari
To disable the Java web plug-in in Safari, follow these steps:
In Safari, choose Safari > Preferences or press Command-comma (⌘-,)
Uncheck (deselect) “Enable Java”.
Close the Safari preferences window.
To re-enable Java in Safari, check “Enable Java”.
- disable Java plug-in Opera for Windows
The first solution that comes to mind (opera: config # Java) is not true:
If you remove the check mark from the «Java» and restart the browser – Java will remain on! Starting with version 10.50 option opera: config # Java | Enabled has no effect. A processing via Java API and plugins to disable plugins: opera: config # Extensions | Plugins.