What is Java\CVE-20-12-0507.CA? Is this a Virus?

snowshine:

Can I ask why you were running a full scan with MSE? Was your system experiencing problems, or do you run full scans routinely?

The reason I ask is that full scans (as opposed to quick) are more likely to find false positive detections, particularly when your system is working well. I seldom run or recommend routine full scans for that reason.

The exploit detected is indeed serious (if true):

http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/

As indicated in Krebs' article, if you have Java running, there was a patch issued months ago to prevent that exploit. Are you running the latest jre (Java Runtime Environment)? I believe the latest version is Version 7 Update 5.

Check your Add or Remove programs list to find the version. You should also make sure that if any older versions of jre are also listed, that you uninstall them.

If your JRE is fully up-to-date, and no old versions are present, and your system is working well, then the odds are this is a false positive detection.

If otherwise, then all bets are off, and you might need further help. Please advise.

Snowshine.

Always helpfull to know the name of the file infected so that you can analize with Virus Total and discard a F/P:

https://www.virustotal.com/

I do not know how MSE works but CVE-2012-0507 is a vulnerability or exploit found in older versions of Java and not a malware.

http://www.crn.com/news/security/232700528/underground-toolkit-arms-hackers-for-java-flaw.htm

http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0507

I say. Is it posible MSE is just alerting you of some kind of unwanted modificacion and not an infeccion ?

I think BugBatter better answer this question.

Hi joe53,

I do not normally run a full scan with MSE. However in the last few days I noticed my computer would not go to sleep after a period of inactivity. Even if goes into sleep mode [ from noise I suspect it is about to go into sleep mode] it does wake up immediately!! This prompted me to run the full scan though it may not be necessary.

This resulted in me finding the above. I followed on to remove it as requested by the MSE. This however has not made any difference to my computer ability to go into sleep mode. It does still wake up immediately even if I put the computer to sleep.

I have the latest Java I believe. The details at Add or Remove programs indicate I have Java 7 Update 5 & Java 7 Update 7 [64bit].

Perhaps, I should remove Java altogether. My children [Age 11 & 13 ] also uses it for I guess internet based games of some sort!!! My daughter goes on this ??"Moshy Monsters" "Poptropica" and Son goes on "War Light" ect... I do not know if those sites would require Java?-I must perhaps test to see!!  I will be in dog's house!! if they could not play their games..

Thank you joe for your assistance.

Regards

Hi Hernan,

WOW, so much information you're able to direct me to see..

I have the latest Java [I guess I have from what I read here and tested] & I presume it is patched. i do not have older version of Java.

i do not know as to how to identify the infected file. My MSE full scan took over an hour. I just from time to time looked on the screen while the MSE was scanning and the folder details run marathon.!!

I am aware many do not now have the Java and read a lot ky discussing in another thread in here.

I do not know running the on demand [free] version of the MBAM is of any avail but I did run after the full scan by MSE, & it did not find infection.

I always turn-off my computer at the wall when we finish in the night... so I know that the computer could not start on it's own [due to any suspicious infestation] and through out binaries!! [i do not know if that happens in reality but ...]

Thank you for your information and help me to understand.

Regards

Thank you joe53.

That is great information to me. I will remove the Java and see what happens.

Regards

snow:

I do not use Java personally, for security reasons, and don't miss it, or its constant patches. It's a big target.

I visited "moshi monsters", "Poptropica", and "War Light" websites. They all are based on Flashplayer, and don't require Java. However, I imagine your children use a lot of other games, and I can't say they all use Flash. I'm not a gamer. My sense is that most games these days are based on Flash.

The only way to know for sure is to uninstall Java, and see what howls develop! :emotion-1: (It is easily re-installed).

Your "sleep mode" problem doesn't sound like a malware issue, and I suspect you had a false positive. But I'll defer to Bugbatter as to what further steps (if any) you need to take.

Hi

I am not confident & savvy enough to say that the Java was the culprit in preventing my computer from going into sleep mode. However presto, as soon as I removed the Java [Java 7 Update 5 & Java 7 Update 5 (64bit) ], my computer behaves with regard to sleep/wake normally!! 

My quandary is that the above said Jave 7 update 5 had been in place for over few weeks but the sleep mode debacle was noted by me during the last few days & not weeks. It may be inept in my part to connect the two but for the completeness of my initial discussion decided to inform you of the above.

Regards