By using this site, you agree to our Privacy Policy and our Terms of Use. Close

Forums - PC Discussion - Java Vulnerability

Soleron said:
Mr Khan said:
Funny story about Java vulnerability (tangental to the OP, but whatevs), the company i work for, who is very super-serious about protecting confidential information (we deal in names, personal info, social security numbers, federal background checks) has their system running entirely on a Java-based program...

Java is fine, it's the browser plugin that's had all of the vulnerabilities.

I get what you're saying but I think it's phrased wrong.  All the vulnerabilities are in Java, but they are generally of the privilege escalation variety: the Java plug-in is supposed to run its code in a sandbox that denies attempts to mess with the computer, but gaps in security allow carefully crafted attacks to sneak through.  On the other hand, a company's internal applications are not foreign code and I would expect them to already be running with privileges — that code can be trusted at least as far as the programmers who wrote it, so the vulnerability is irrelevant.  Of course it's still a problem if the company has to enable Java in their browsers (perhaps by accident) in order to use it, but it certainly doesn't have to be that way.

Note that some of the companies that got attacked in this recent round of Java security theatre did have the Java plug-in disabled.  It was Java Web Start (.jnlp files) that provided a second attack vector.



Around the Network

You know this is very old news right? the vulnerability have been around since January, afaik the problem hasn't been fixed yet. 



Nintendo and PC gamer

Soleron said:
Mr Khan said:
Funny story about Java vulnerability (tangental to the OP, but whatevs), the company i work for, who is very super-serious about protecting confidential information (we deal in names, personal info, social security numbers, federal background checks) has their system running entirely on a Java-based program...

Java is fine, it's the browser plugin that's had all of the vulnerabilities.

And by there you can gain access to the computer itself. I know that some hackers that were able to do a ransomware (basically it lets you restrict access to the computer) and you can also install viruses in the computer. 



Nintendo and PC gamer

osed125 said:

You know this is very old news right? the vulnerability have been around since January, afaik the problem hasn't been fixed yet. 


Yes it is old news but new news at the same time. I was running the most up to date version when this happened, I do believe that was just released within the last few weeks (version 7.17). I had not heard of this happening since Janurary .



Adinnieken said:
markers said:
Adinnieken said:
Have you been able to perform a Repair? Does the boot screen appear? Is the HDD recognized?

If the boot menu (F8) doesn't appear or Windows doesn't attempt a repair, then you may have MBR virus.

I would download Windows Defender, burn it to an ISO and than attempt to boot using it. You can download it here:

http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline


You can download a legal copy of Windows 7 via the Internet, just use this link:

http://www.mydigitallife.info/official-windows-7-sp1-iso-from-digital-river/

You MUST have a valid Windows 7 license key for the product you've downloaded. So, if your Windows 7 laptop had Home Premium 64-bit you can ONLY install Windows 7 Home Premium 64-bit.

Burn it to ISO, install Windows 7. You may also want to download your drivers from your laptop manufacturer so you have those ready to go.

Considering purchasing HitMan Pro for your AV/AM needs. While I don't use HitMan Pro for my daily AV/AM, I do use it to fix other peoples computers and it's a powerful AV/AM utility. I do, however us Microsoft Security Essentials and haven't had a single infection. Then again, I use Internet Explorer as my browser.


The Boot screen does not display. It advises to enter a dvd/cd and press enter to boot. I enter an old OEM copy of windows I have (yes I have a valid key for the laptop) and it repeats process. In the bios it does not even recognize the HDDs so it is more than likely a MBR virus

I can honestly say I did not know I could run defender when unable to boot. Thank you for your tips and links. I do have a valid windows key with my laptop so that is not a problem.

What is weird is I have MS Security Essentials / AVG  and Malwarebytes but neither found anything until 5 seconds before it all died. From what I witnessed they discovered my java plugin was a threat but before I had a chance to disable it the laptop was toast lol

Thanks again for your links/tips

Check your BIOS and determine if your SATA setting is set for 'On-Chip SATA' or 'Compatibility'.  Windows will need it to be in Compatability mode.  Were you running RAID (two SATA drives)?  If so, you may need to obtain a driver in order to see the RAID array.

Otherwise, you may have a HDD failure.


BIOS shows I am currently set to AHCI - I do run 2 HDDs but it appears my 2nd HDD shows my dvd drive instead of my HDD. (So if you can picture this) Serial ATA Port 0 = HDD seral ATA Port 2 = dvd drive

And it has been around 8 months since I purchased this thing but if I recall there should be 2 500gb HDDs



Around the Network
markers said:
Adinnieken said:

Check your BIOS and determine if your SATA setting is set for 'On-Chip SATA' or 'Compatibility'.  Windows will need it to be in Compatability mode.  Were you running RAID (two SATA drives)?  If so, you may need to obtain a driver in order to see the RAID array.

Otherwise, you may have a HDD failure.


BIOS shows I am currently set to AHCI - I do run 2 HDDs but it appears my 2nd HDD shows my dvd drive instead of my HDD. (So if you can picture this) Serial ATA Port 0 = HDD seral ATA Port 2 = dvd drive

And it has been around 8 months since I purchased this thing but if I recall there should be 2 500gb HDDs

Set it to IDE or Legacy, OR contact your laptop manufacturer for a driver.  Windows will not recognize the controller unless you do one or the other.

I would set it to IDE and see if the HDD is recognized.  If not, you have a dead HDD.  Not a virus.  If the HDD is recognized and it boots, you may have a virus.  If the HDD doesn't boot, and a repair us successful, you may have a virus.  If not for either, you have a dead HDD.

It is entirely possible for a virus scanner to provide a false positive if the HDD is failing.