Java 0 day Mass Exploit

Norton Security | Norton Internet Security
1

Is NIS (and other Norton products) capable to detect the recent Java 0 day Mass Exploit (redirecting to Blackhole sites)?

2

Haven't run into this issue, but a properly configured noscript and browser will stop this before it even has a chance. :)

3

I have it on my system , I wanred it so I found it,   Plus the Ransomware.

 

easy to get the answer then

 

Quads.

4
Quads wrote:

I have it on my system , I wanred it so I found it,   Plus the Ransomware.

 

easy to get the answer then

 

Quads.

I assume JohnDissident's opening post is referring to this:

 

http://krebsonsecurity.com/2013/01/zero-day-java-exploit-debuts-in-crimeware/

 

How have you confirmed that Norton products currently block Java vulnerability CVE-2013-0422?

 

As of now (20130111.002), I haven't seen this vulnerability referenced in any of the recent Norton IPS updates.

 

Thanks

5

You work it out then, infect your system.

 

I have the files and see what Norton detect as what or IF.

 

maljava, newest update to the exploit just Trojan.gen for now  how do you think I test the exploit files??

 

have fun testing yourself, just infect your own system.

 

IPS detection  Web Attack: Malicious JAR File Download 11

 

Quads

6

it is something like this Quads?java exploit.JPG

7

Please see the Thread located in my Signature for further Details.

 

 

8
Quads wrote:

You work it out then, infect your system.

 

I have the files and see what Norton detect as what or IF.

 

maljava, newest update to the exploit just Trojan.gen for now  how do you think I test the exploit files??

 

have fun testing yourself, just infect your own system.

 

IPS detection  Web Attack: Malicious JAR File Download 11

 

Quads

I don't need to test anything. Norton has started adding coverage for Java vulnerability CVE-2013-0422 in the latest IPS update (20130113.001).

 

All users: Run LiveUpdate manually to download and apply this Intrusion Prevention update to your Norton product.

 

 

 

 

 

9

Patch has been Released; see this Thread for Details.  Please Apply as soon as possible; thanks.

 

 

10

You don't need to test anything, then again you are not an MR or SSR,    If MR's or SSR said they don't need to test anything, then that is a worry.  They have had to test and look into items I have sent them.

 

Users who are not in the right field, don't have to test.  elsewhere does not have to test cos in the right field.  Would also have not realised Norton / Symantec already detected items without the latest update,  But one file that was downloaded  was not detected by Norton

 

Quads

11

Norton does provide protection :
http://www.symantec.com/connect/blogs/additional-protection-recent-java-zero-day

12

Is NIS (and other Norton products) capable to detect the recent Java 0 day Mass Exploit (redirecting to Blackhole sites)?