Java exploitation has been a problem for years. Many of the issues encountered with Java exploitation are usually because versions are out-of-date.
“As the Advanced Malware Analysts administrator/group owner, I see a lot of issues with people not updating Java, Flash Player, and Reader. These attack vectors were used 5 or so years ago, up until today. Still a complete problem. Problem is, people do not use great tools like Secunia PSI or the auto-update feature in each of the plugins’ control panels,” says Jay Pfoutz – administrator and group owner of the Advanced Malware Analysts. The Advanced Malware Analysts are a group of malware analysts whom volunteer on tech support forums across the web to assist in malware removal for free.
Exploitation frequently happens when people fail to update their plugins in a timely manner. Java plugin problems lately have increased because attackers are now targeting Java a lot more.
Here is how to check for the latest updates for Java (should be done weekly):
- If using Mozilla Firefox, Plugin Check is the easiest way.
- Click Start, navigate to Control Panel. Look for Java in the list, and double-click on that. Click the “Update” tab, and then click the “Check for Updates Automatically” check box if you want Java to search for updates automatically. Select how you want Java to notify you about available updates. Or you can hit the Update Now button. More info here
- Verify Java Version Online
- Microsoft: Update Java or kill it (zdnet.com)
- Java vulnerabilities increasingly targeted by attackers, researchers say (infoworld.com)
- New Mac malware uncovered as Mountain Lion is released (apple24seven.wordpress.com)
Secunia has released an upgrade to Personal Software Inspector (PSI). PSI is an automatic patch management system that keeps plugins, programs, and other components up-to-date for you!
The more configurable interface, automatic patching is enabled by default of course, it makes the software more comfortable to use. Some have complained that it gets stuck on scanning for updates, but I’m sure this will be fixed soon!
Feel free to learn more about Secunia PSI: http://secunia.com/vulnerability_scanning/personal/
See a video about PSI: http://www.youtube.com/watch?v=iUmaLmO0gx0
Manage vulnerabilities with Secunia PSI, and manage the performance of your PC with TuneUp!
With TuneUp Utilities 2012 improved performance, less energy consumption, a more streamlined Windows setup and PC in top shape – Try now for free!