Attack virus

[Stu]

FYI, yesterday, Norton blocked a "Malicious Java Download 13" attack on my computer while I was on the board.

[roadhog0]

I think the FAQ's infected. My antivirus is complaining too

[duckdudess]

Same report from Firefox this morning. IS this going to be addressed ?

[fuzzynormal]

Same report from Firefox this morning. IS this going to be addressed ?

The Java exploit is all over the net, not just here. It's so bad the Feds even recommend turning off Java in your browser.

Java is made by Oracle. Oracle is the AMC of software developers, if that gives you any perspective.

Don't browse the net with Java anyway, you really don't miss it much.

[LarryS]

Just to add what Fuzzy said, Java and Javascript are two different things made by two different companies. Java should be disabled or uninstalled but javascript is fine.

[esty]

3 times in the past 2 days, when clicking on a thread or link in the forum i've had unknown files trying to download

[Stu]

I had multiple, sequential attacks last night. As my Norton Anti-Virus was stopping them, a separate warning screen came up that the faq site is totally infected and is not safe.

[fuzzynormal]

the faq site is totally infected and is not safe.

It's actually completely safe if you avoid the problem.

Again, just disable Java. While you're at it, also install an ad blocker. I use AdBlockPlus and Ghostery.

If you browse the web and then automatically save a lot of your passwords through your browser, you've put ALL that info at risk because of this malicious Java exploitation.

Online banking with an automatic password login and you've been bopping around here lately ignoring the warnings? Consider yourself vulnerable.

Go change your passwords just to be safe.

In addition to all that, Oracle is a lousy company and will NOT effectively fix the problem anytime soon. Java has been compromised and is more worthless now than it used to be.

Java is used mostly for ad tracking, and why allow that to happen anyway? Just turn it off.

http://nakedsecurity.sophos.com/2012/08/30/how-turn-off-java-browser/

Here's another metaphor: You probably work under the hood on your car. Do the same with your PC, browser, and browser "add-ons".

If you do this, the rest of your browsing on the commercial net becomes a lot smoother and pleasant as well.

Get in there and make things run like they're supposed to. Drain the old fluids, put in some fresh stuff. Adjust the carbs, check the valves. Take off the emission controls so the thing can breathe like it should.

[Stu]

Fuzzy, thanks for the info, but I had a problem removing Java.

I went to uninstall a program, and found "Java SE Runtime Environment 6 Update 20." It is Sun Microsystems, not Oracle. I clicked on uninstall, got a prompt to confirm that I wanted to uninstall, clicked yes, then another prompt came up "Do you want to allow this program to update the software?" If you click no, end of process, no uninstall. If you click yes, it starts updating Java (I then clicked cancel).

Any help? Thanks, Stu.

[fuzzynormal]

Fuzzy, thanks for the info, but I had a problem removing Java.

Oracle bought Sun, but that doesn't really matter.

You don't have to nuke Java from your OS, You can just disable Java for web-browsing:

http://nakedsecurity.sophos.com/2012/12/19/java-7-update-10-introduces-important-new-security-controls/

Consider Firefox as a browser. Lots of good/easy-to-use security and ad blocking add-ons for that app.

[Stu]

I have Java 6, so I guess it's more complicated.

[bnam]

Yes, the site is infected despite the protestations of some who claim that it's a user problem.

[fuzzynormal]

Yes, the site is infected despite the protestations of some who claim that it's a user problem.

Yeah, but the user can also avoid the problem here (and everywhere else on the net) with a few easy steps.

[fuzzynormal]

http://www.csmonitor.com/Business/2013/0112/Disable-Java-Here-s-how-after-US-agency-warns-of-software-vulnerability.

[bnam]

Yes, aware of this and Java is disabled.

But, even with Java disabled, many threads are still infected with pop-ups which show up despite the presence of ad-block and pop-up blockers.

Site search "Repa seat belt install and click first result" -- still get pop-ups.

Looks like Steve spent quite a bit of time/$ getting experts to go thru the site, but the results don't seem to have improved.