
Java Zero Day: Six ways to protect yourself

From the experts | Posted on January 18, 2013 by Matthew Thiffault

I am assuming you are reading this now because you saw this Security Alert for CVE-2013-4022 Released and:

  1. the panic has set in, or
  2. Oracle and Java have taken their toll, or
  3. you are now getting e-mails from your executives asking if you are aware, and what you are doing about this!

Let’s quickly assess what the Internet is yelling at us about, and what the real threats are. First off, let’s look at the obvious.

There have always been problems with Java. Research demonstrates that a large number of attacks or breaches from last year were a direct result of threats related to Java. Kaspersky Lab estimated that last year 50 percent of all website exploitations were due to vulnerabilities in Java. Platforms that could be vulnerable include Windows, OSX, Linux and pretty much any system you are using that has a browser and Java enabled. The United States Department of Homeland Security and Public Safety Canada advised users to disable Java in their browsers.

How and What to Exploit.

Java is exploited through an exploit kit (available for sale online), which puts the ability to attack you in the hands of relatively inexperienced attackers. They are using these kits to steal credit card data and personal information, and potentially to do other harm. Because these kits are being sold all over the Internet, the harm spreads very quickly. McAfee covers this in greater detail here.

How to protect.

The 100% guaranteed fix is to turn off Java altogether, or disable it in your browser (personally this is what I have done). Here’s how to do it.

Now we all know this is not the solution for all scenarios because of how entrenched Java is in business. There are so many internal applications that rely on Java to operate that turning it off internally may end up hindering business. Fortunately there are other ways to protect yourself and your users.

  1. Make sure you are patched and up to date. Several researchers are saying, however, that it could take Oracle a very long time to fix all the problems. H.D. Moore, Chief Security Officer of Rapid7, said it could take two years for Oracle to fix all the security flaws in the version of Java used to surf the web; that timeframe doesn’t count any additional Java exploits discovered in the future.
  2. Make sure your security tools are tuned and have current signatures. Most security vendors have said that their tools are able to block known .jar files that are served up by various exploit kits.
  3. If you are using a web gateway product, make sure you have turned on the web reputation services. Because the exploit will likely be delivered via the web, a web gateway can be the key to successfully defending against this (learn more about drive-by downloads here). Security vendors find malicious sites (intentionally or otherwise) and update their systems to prevent your users from visiting them. This will ensure that you have the most up-to-date security intelligence from around the world that your vendor provides.
  4. Some firewalls/proxies/web gateways will allow you to flat out block any .jar file altogether. This will reduce the likelihood of exploitation but may break essential content on external websites.
  5. Create some new content for your Security Information Event Management System (learn more about SIEM) to watch for users downloading new .jar files, and then correlate that to users communicating with known blacklisted sites across the Internet.
  6. As a last effort you can also go into the Java control panel under the security tab and set the security level to very high. Most should already be set to high but moving it to very high will limit some other unknown apps from running.
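
The correlation described in item 5, sketched in Python over web-proxy logs. This is an added example, not part of the original post and not any vendor's SIEM rule. The log format, the `example.test` hosts, the `KNOWN_JARS` baseline and the 30-minute window are all assumptions made for illustration.

```python
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Constructed sample data: proxy log lines as "timestamp user url content-type".
SAMPLE_LOG = """\
2013-01-18T09:00:05 alice http://intranet.example.test/apps/payroll.jar application/java-archive
2013-01-18T09:14:02 bob http://ads.example.test/banner/x7.JAR?id=3 application/java-archive
2013-01-18T09:14:40 bob http://c2.badsite.example.test/gate.php text/html
2013-01-18T09:20:11 carol http://cdn.example.test/lib/chart.jar application/octet-stream
2013-01-18T11:45:00 carol http://c2.badsite.example.test/gate.php text/html
2013-01-18T10:02:00 dave http://news.example.test/index.html text/html
"""
KNOWN_JARS = {"http://intranet.example.test/apps/payroll.jar"}  # assumed baseline of approved jars
BLACKLIST = {"badsite.example.test"}  # constructed stand-in for a reputation feed

def parse(line):
    ts, user, url, ctype = line.split()
    return datetime.fromisoformat(ts), user, url, ctype

def is_jar(url, ctype):
    # Check both the path extension and the MIME type; either one alone can be wrong.
    return urlsplit(url).path.lower().endswith(".jar") or ctype == "application/java-archive"

def is_blacklisted(url, blacklist):
    host = urlsplit(url).hostname or ""
    # Match the listed domain itself and any subdomain of it.
    return any(host == d or host.endswith("." + d) for d in blacklist)

def correlate(log_text, known_jars, blacklist, window=timedelta(minutes=30)):
    """Alert when a user fetches a new .jar and then contacts a blacklisted host within `window`."""
    events = sorted(parse(l) for l in log_text.splitlines() if l.strip())
    recent_jars = {}  # user -> [(time, url)] for jars that are not in the baseline
    alerts = []
    for ts, user, url, ctype in events:
        if is_jar(url, ctype) and url.split("?")[0] not in known_jars:
            recent_jars.setdefault(user, []).append((ts, url))
        if is_blacklisted(url, blacklist):
            # A jar served by a blacklisted host matches itself here with delta 0.
            for jar_ts, jar_url in recent_jars.get(user, []):
                if timedelta(0) <= ts - jar_ts <= window:
                    alerts.append((user, jar_url, url, int((ts - jar_ts).total_seconds())))
    return alerts

if __name__ == "__main__":
    for alert in correlate(SAMPLE_LOG, KNOWN_JARS, BLACKLIST):
        print("ALERT user=%s jar=%s blacklisted=%s delta=%ss" % alert)
```

On the sample data only bob alerts: alice's jar is in the baseline, and carol's blacklisted request falls outside the window, which shows how the window length trades missed correlations against noise.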

What we need to know is that we have many layers protecting us, so that where one layer falls short we may be notified at another. If you wish to talk to someone who can help plan a strategy or design a solution, please leave a comment below and someone from our security team will respond as quickly as we can. Or talk to your Softchoice rep about how to implement some of these solutions in your network.
