MAJAVA.B vulnerability

Hai all,

My network use FSPM 12.31 and client 12.31. While browsing my mail server (MS Exchange 2013 ) a virus alert as Exploit: Java/Majava.B is shown by F-sec and unable to proceed further. Location of virus is shown as C:/Users/AppData/Local/Temp/ Jar_xxxxx.tmp.

I am using Java version 1.6.0_45 in client windows terminals

Issue is my java setup in clients cannot be upgraded as of now due to some compatibility issues with in-house applications.

Requesting some inputs so that I can get rid of the issue till my java version upgradation.

Thanking u all

Find more posts tagged with

Comments

Vad

Hello ravi12,

As a temporarily solution you can exclude objects (C:/Users/AppData/Local/Temp/Jar_xxxxx.tmp) or process (Java) from Real Time scanning. Here you can find the instruction how to exclude objects:

https://community.f-secure.com/t5/Business/Excluding-objects-from-Real-Time/ta-p/66013

Excluding process could be done in a similar way.

Best regards,

Vad

ravi12

Alerts come when we open mail site for login through I key. And we cannot proceed further for login.when we open the web window virus alert pop comes and website hangs. Please give a temporarily solutions.Is it possible to exclude the java application.we tried but cannot succeed.please advise

MJ-perComp

You should be able to identify the Mail that is causing the alert. delete it, then do a mailbox reorganization.

IMHO: get rid of JAVA 6 now, not asap! You are playing with a rod of swetty dynamite.
Since 6.0.45 Solaris has fixed some 200 security issues in Java 6, and seveal got exloited. None of these fixes is publically available afaik. see: https://en.wikipedia.org/wiki/Java_version_history#Java_6_updates

Check here, for more information.
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html