New threat from 'fileless' bots?

marknmtMarch 20, 2012

My wife just read about a new malware threat that infects computers after users click on certain banners after visiting certain Russian news links. Evidently the technique is expected to spread.

The article, parts of which I almost understood, referred to Java vulnerabilities and suggested a security patch called CVE-2011-3544, and they also mentioned using a Geo Filter.

Is this for real, and if so, what should I do to protect my wife's Vista and my Ubuntu systems?

Thanks very much -once again- for your help.

Mark

Here is a link that might be useful: Blog about fileless bot

Thank you for reporting this comment. Undo
ravencajun Zone 8b TX

one of the reasons it is SO SO important to keep everything updated. INCLUDING Java!! these java exploits keep creeping up in number and if Java updates are not done to patch each of these new vulnerabilities then you are wide open.
Many people have chosen to do away with Java and js , or at least use the firefox add on No script which will block a lot of these type of scripting exploits including i frame ones.

Use the secunia tool to check for updates on all your windows pc needs
Secunia Online Software Inspector (OSI)
run it regularly

    Bookmark   March 20, 2012 at 3:15PM
Thank you for reporting this comment. Undo
mikie_gw

and try to stay away from .ru sites.

    Bookmark   March 21, 2012 at 1:58AM
Thank you for reporting this comment. Undo
marknmt

Thanks (once again!) for your advice and help.

Won't have any trouble staying away from .ru sites, but eventually this technique will spread.

I'm running No Script now. That dern OSI looks a little intimidating but we'll figure it out.

Best,

Mark

    Bookmark   March 21, 2012 at 8:54AM
Thank you for reporting this comment. Undo
ravencajun Zone 8b TX

The secunia OSI is very easy just let it run the scan on your pc it will then tell you everything that it finds that is outdated and needs updating and will even link to where you need to go.
If you find something outdated and need help just come here and ask for help.
Remember that flash updates must be done on every browser and you must use that browser to go get the update and install it. For those other than IE it is called NON IE flash you can google that.

    Bookmark   March 21, 2012 at 1:55PM
Thank you for reporting this comment. Undo
zep516

"Java flaws are a favorite target of miscreants and malware because of the programs power and massive install base: Oracle estimates that Java is installed on more than three billion machines worldwide."

"Worse still, Java is now among the most frequently-attacked programs, and appears to be fast replacing Adobe as the target of choice for automated exploit tools used by criminals."

"At the very top of my nix-it-now list is Java, a powerful
application that most users have on their systems but that probably few actually need."

https://krebsonsecurity.com/2010/06/dont-need-java-junk-it/

    Bookmark   March 21, 2012 at 7:15PM
Thank you for reporting this comment. Undo
deew

Zep, are you recommending that the average user delete Java on their computers?

Dee

    Bookmark   March 23, 2012 at 9:14AM
Thank you for reporting this comment. Undo
mikie_gw

There are lots of computers that dont have java installed that I've fixed, by installing jave when they cant access certain sites. They probably have happily surfed for years before it was needed by them.

I can go a week or two before some webpage will be a problem & and suddely that little light bulb appears over my head that says ... remember you disabled the java plug ins.

    Bookmark   March 23, 2012 at 9:39AM
Thank you for reporting this comment. Undo
ravencajun Zone 8b TX

Dee if you use firefox just install no script that way you still have it available should you need it but until you do it is blocked plus no script helps with other issues also.

    Bookmark   March 23, 2012 at 1:15PM
Thank you for reporting this comment. Undo
ravencajun Zone 8b TX

Here is the link to the official no script page which explains a lot. Definitely check out the faq page.
There are some firefox no script tutorials around too, it can be a pain at first till the learning is done.

Here is a link that might be useful: No script

    Bookmark   March 24, 2012 at 1:25AM
Thank you for reporting this comment. Undo
deew

Thanks, RC. Actually, I've had No Script for several years, but I still thought you had to keep Java installed and updated.

    Bookmark   March 24, 2012 at 4:44PM
Sign Up to comment
More Discussions
how do I bypass my login?
I recently took my HP laptop to Data Doctors and it...
cornsnake_lover
What's with this new Houzz thing?
Been away a couple days, and came back to this, what...
shaddy101
Outlook problem bugging me
From my email program outlook 2013 I keep getting a...
big_al_41
Helping a elderly friend with their computer remotely
She is in her 90's, lives alone and needs help with...
jane__ny
Internet Explorer keeps shutting down
I have just ignored this problem for the past 3 months...
Lea Grabb
© 2015 Houzz Inc. Houzz® The new way to design your home™