Now's a good time to disable Java plugin version 1.7

Hi,
 
Long time user first time poster. We are utilizing webroot for our remote users. I have a quick question:
 
1. Will webroot protect against this?
2. I have read this exploit uses a mechanism to elevate privileges. So (webroot aside) are standard users without administrative rights still vulnerable?
 
Thanks...

Thanks TripleHelix. Would you happen to know if non-admin users are vulnerable? I have found nowhere that explicitly states this, and strangely the MS-ISAC advisory indicates "running as non privileged user will dimish the effects of the attack", however I think that is just set in the notification template they use.

Thanks, I read the article and I have read a few others as well, but none seem to directly address whether non-privileged users are as vulnerable as privileged ones. I also have seen proof of concept working exploits however none of those identify whether the user context was privileged or not.
 
Typically in the case of non-privileged users not being vulnerable they will state it. However I have not seen this so I guess we'll have to assume they are.
 

Well the reason I'm asking is not for myself but because most of our users here are non-privileged and run IE (not by my choice), I might be facing having to go around and do this for all of them or at least find some way of centrally configuring it.

Thanks, currently we are running the cloud based webroot site filtering and traffic inspection service only for our remote users. On our LAN we have all the typical security measures but not webroot. You said at this point there is no proactive protection and webroot would only retroactively attempt to remove the infection. So I am more concerned with finding out how necessary it is to disable java in the browser for non privileged users. Thanks again.
 
 

I dont handle that stuff here just the admin but I'll pass it on.
 
Thanks again.

Yeah, Java is a pain as far as security. Unfortunately Java is spread over many platforms and you can't avoid it completly unless you resign on web applications they are using it. However it's not sometimes possible. Java is used by many bank houses for their online banking applications what is also the case of mine. Therefore if you can't disable Java like me I recomend to elevate the security level to High at least. It will trigger a prompt every time an application is requesting permission to run (see below picture).
 

@ wrote:
 BTW, I use Opera as a prime browser. However the latest Oracle Java plugins don't work in Opera 32-bit, so I have to use IE9 instead for my banking.

It works for me in Opera I use Java SE Runtime Environment 7u10. I just run a Internet speed test http://speedtest.sourcecable.ca/
 
TH

Yes but the 32bit version of Opera and Both 32bit & 64bit Java installed and I get this from Firefox 18 now LOL
 
TH
 

Have a look at this! Do you have Firefox installed? As Opera uses the plugin from the Firefox directory. :@
 
TH
 
 

The things we learn playing with toys. :D
 
TH

I rather uninstalled update 10 in the security sake and installed update 9 that also works in Opera (BTW, since update 10 Oracle uses different way to deploy Java plugins what makes the issue with Opera as talked yesterday).
 
Furthermore it looks like that my yesterday's post fell in rush so I take opportunity to post it again below.
 
In relation to the latest Java vulnerability I am curious if using sanboxed IE9 in SafeStart Sandbox under System Tools, click System Control, and click Start is wise and recommended. As I said in my previous post I can't give up on Java because of my online banking system. However I want to tighten my security as much as possible. Though I am not sure if it is workable solution because in the user guide there is written "Note: The SafeStart Sandbox is intended for testing malware, not legitimate programs" and moreover I don't know whether sanboxed IE9 will load with plugins which are necessary for my banking (Java and Flash).
 
Last but not least will sanboxed IE9 be more bulletproof against the said Java vulnerability? I mean IE9 is Protected by the Identity Shiled, so does it have sence to sandbox IE?

Java 7 fails to restrict access to privileged code
Original Release date: 10 Jan 2013 | Last revised: 12 Jan 2013
 
Overview
Java 7 Update 10 and earlier Java 7 versions contain an unspecified vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
 
Impact
By convincing a user to visit a specially crafted HTML document, a remote attacker may be able to execute arbitrary code on a vulnerable system. Note that applications that use the Internet Explorer web content rendering components, such as Microsoft Office or Windows Desktop Search, may also be used as an attack vector for this vulnerability.
 
http://www.kb.cert.org/vuls/id/625617
 
This is where WSA would step in!
 
TH