Internet Anthropologist Think Tank: MS "unprecedented wave" Java malware exploits

  • Search our BLOG


  • HOME
    Terrorist Names SEARCH:
    Loading

    Tuesday, October 19, 2010

    MS "unprecedented wave" Java malware exploits

    Over 6,000,000 in month .


    Disable java?
    No way to disable Jave in Google Chrome?


    There has been an "unprecedented wave" of exploits against vulnerabilities in Oracle's Java during the third quarter of this year, according to data from the Microsoft Malware Protection Center. The software giant provided the following data to back its claims, outlining three specific vulnerabilities (all of which have patches available) that are being exploited en masse:
    Over the last few years, the main focus of vulnerability protection has been steadily moving away from the OS and instead to the browser,( BAD MOVE BUT EASY ON MS, G ) and the applications that it depends on. Last year, Adobe Reader took the crown away from Microsoft Office as the software with the most vulnerabilities. Brad Arkin, Senior Director of Product Security & Privacy for Adobe Systems, announced in May 2009 that a major Adobe Reader and Acrobat security initiative was underway: code hardening, incident response process improvements, and a shift to a regular security update schedule.
    SOURCE:



    Risks:
    Examination of "source" page above.
    http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars

    Combine external JavaScript (11)
    Enable gzip compression (2)
    Leverage browser caching (77)
    Leverage proxy caching (40)
    Minimize cookie size
    Serve static content from a cookieless domain (8)
    Specify image dimensions (1)
    Web Page Performance
    Optimize the order of styles and scripts (5)
    Put CSS in the document head (1)
    Remove unused CSS rules (776)

    empty.htmlFailed to load resource
    b:-1Resource interpreted as image but transferred with MIME type text/plain.
    count:-
    1Resource interpreted as script but transferred with MIME type application/json.
    count.json:-
    1Resource interpreted as script but transferred with MIME type application/json.

    Unsafe JavaScript attempt to access frame with URL
     http://static.addtoany.com/menu/sm1.html#page;http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars from frame with URL
    http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://www.reddit.com/static/button/button1.html?width=120&url=http%3A%2F%2Farstechnica.com%2Fbusiness%2Fnews%2F2010%2F10%2Fmicrosoft-sees-unprecedented-wave-of-java-malware-exploits.ars&title=Microsoft%20sees%20%22unprecedented%20wave%22%20of%20Java%20malware%20exploits&bgcolor=fff&bordercolor=eee from frame with URL
     http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Farstechnica.com%2Fbusiness%2Fnews%2F2010%2F10%2Fmicrosoft-sees-unprecedented-wave-of-java-malware-exploits.ars&layout=button_count&show_faces=false&width=85&action=like&font=arial&colorscheme=light&height=21 from frame with URL
    http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://platform0.twitter.com/widgets/tweet_button.html?_=1287481343826&count=horizontal&counturl=http%3A%2F%2Farstechnica.com%2Fbusiness%2Fnews%2F2010%2F10%2Fmicrosoft-sees-unprecedented-wave-of-java-malware-exploits.ars〈=en&text=Microsoft%20sees%20%22unprecedented%20wave%22%20of%20Java%20malware%20exploits&url=http%3A%2F%2Farst.ch%2Fmuc&via=arstechnica from frame with URL http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://www.facebook.com/connect/connect.php?id=19374573752&connections=10&stream=0&css&locale=en_US&logobar=0 from frame with URL http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://static.arstechnica.net//public/v6/footer.html?1287260854 from frame with URL http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL
    http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars from frame with URL http://ad.adlegend.com/iframe?spacedesc=2000398_1090258_728x90_1201153_2000398&target=_blank&@CPSC@=http://ad.doubleclick.net/click%3Bh%3Dv8/3a38/3/0/%2a/w%3B229161266%3B0-0%3B0%3B31555509%3B3454-728/90%3B38708792/38726549/1%3B%3B%7Eaopt%3D3/1/96/0%3B%7Esscs%3D%3f. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://static.addtoany.com/menu/sm1.html#page;http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars from frame with URL http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://www.reddit.com/static/button/button1.html?width=120&url=http%3A%2F%2Farstechnica.com%2Fbusiness%2Fnews%2F2010%2F10%2Fmicrosoft-sees-unprecedented-wave-of-java-malware-exploits.ars&title=Microsoft%20sees%20%22unprecedented%20wave%22%20of%20Java%20malware%20exploits&bgcolor=fff&bordercolor=eee from frame with URL http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Farstechnica.com%2Fbusiness%2Fnews%2F2010%2F10%2Fmicrosoft-sees-unprecedented-wave-of-java-malware-exploits.ars&layout=button_count&show_faces=false&width=85&action=like&font=arial&colorscheme=light&height=21 from frame with URL http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://platform0.twitter.com/widgets/tweet_button.html?_=1287481343826&count=horizontal&counturl=http%3A%2F%2Farstechnica.com%2Fbusiness%2Fnews%2F2010%2F10%2Fmicrosoft-sees-unprecedented-wave-of-java-malware-exploits.ars〈=en&text=Microsoft%20sees%20%22unprecedented%20wave%22%20of%20Java%20malware%20exploits&url=http%3A%2F%2Farst.ch%2Fmuc&via=arstechnica from frame with URL http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://www.facebook.com/connect/connect.php?id=19374573752&connections=10&stream=0&css&locale=en_US&logobar=0 from frame with URL http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://static.arstechnica.net//public/v6/footer.html?1287260854 from frame with URL http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://www.reddit.com/static/button/button1.html?width=120&url=http%3A%2F%2Farstechnica.com%2Fbusiness%2Fnews%2F2010%2F10%2Fmicrosoft-sees-unprecedented-wave-of-java-malware-exploits.ars&title=Microsoft%20sees%20%22unprecedented%20wave%22%20of%20Java%20malware%20exploits&bgcolor=fff&bordercolor=eee from frame with URL http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Farstechnica.com%2Fbusiness%2Fnews%2F2010%2F10%2Fmicrosoft-sees-unprecedented-wave-of-java-malware-exploits.ars&layout=button_count&show_faces=false&width=85&action=like&font=arial&colorscheme=light&height=21 from frame with URL http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://www.facebook.com/connect/connect.php?id=19374573752&connections=10&stream=0&css&locale=en_US&logobar=0 from frame with URL http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://static.arstechnica.net//public/v6/footer.html?1287260854 from frame with URL http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://platform0.twitter.com/widgets/tweet_button.html?_=1287481343826&count=horizontal&counturl=http%3A%2F%2Farstechnica.com%2Fbusiness%2Fnews%2F2010%2F10%2Fmicrosoft-sees-unprecedented-wave-of-java-malware-exploits.ars〈=en&text=Microsoft%20sees%20%22unprecedented%20wave%22%20of%20Java%20malware%20exploits&url=http%3A%2F%2Farst.ch%2Fmuc&via=arstechnica from frame with URL http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://static.addtoany.com/menu/sm1.html#page;http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars from frame with URL http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.

    Unsafe JavaScript attempt to access frame with URL http://ad.adlegend.com/iframe?spacedesc=2000398_1090258_728x90_1201153_2000398&target=_blank&@CPSC@=http://ad.doubleclick.net/click%3Bh%3Dv8/3a38/3/0/%2a/w%3B229161266%3B0-0%3B0%3B31555509%3B3454-728/90%3B38708792/38726549/1%3B%3B%7Eaopt%3D3/1/96/0%3B%7Esscs%3D%3f from frame with URL http://arstechnica.com/business/news/2010/10/microsoft-sees-unprecedented-wave-of-java-malware-exploits.ars. Domains, protocols and ports must match.


    G
    Tactical Internet Systems analyst.
    .

    0 Comments:

    Post a Comment

    Subscribe to Post Comments [Atom]

    << Home