LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 04-08-2012, 11:07 AM   #16
GazL
Senior Member
 
Registered: May 2008
Posts: 4,408
Blog Entries: 7

Rep: Reputation: 1860Reputation: 1860Reputation: 1860Reputation: 1860Reputation: 1860Reputation: 1860Reputation: 1860Reputation: 1860Reputation: 1860Reputation: 1860Reputation: 1860

Quote:
Originally Posted by H_TeXMeX_H View Post
I have removed it completely, because I don't trust it and don't need it.
Same here.
 
1 members found this post helpful.
Click here to see the post LQ members have rated as the most helpful post in this thread.
Old 04-10-2012, 06:08 AM   #17
addux
Member
 
Registered: Dec 2006
Location: In the middle of the ocean.
Distribution: Ubuntu 12.04, Debian Squeeze, Windows 7
Posts: 67

Rep: Reputation: 16
Best bet is to disable or remove JAVA unless you absolutely need it, as many people (including myself after reading about flashback) have already done.
As one person put it 'JAVA seems to be a never ending supply of security exploits.'

Those worried that their *nix version isn't patched because you installed the one that 'shipped' with it....You should be OK if your vendor applies security updates regularly. I run Debian stable and their security team is pretty responsive, this exploit was released by ORACLE in February and it appears Debian applied the patch in an update within a week. But you can check with your vendor's website for security update list, that is what I did just to make sure.

Otherwise, seriously, just uninstall this crapware if you don't use it.

Last edited by addux; 04-10-2012 at 06:13 AM.
 
1 members found this post helpful.
Old 04-11-2012, 08:30 AM   #18
drmjh
Member
 
Registered: Mar 2005
Location: North Carolina, USA
Distribution: Ubuntu
Posts: 308

Original Poster
Rep: Reputation: 31
For those Linux Users that use Java...

"...By Sarah Jacobsson Purewal, PCWorld Apr 11, 2012 5:21 AM


An estimated 600,000 Macs, or the market equivalent of 8.5 million PCs, have been infected with the Flashback Trojan botnet, which was originally discovered last year. The botnet originally disguised itself as an update to Adobe Flash, and infected machines when users executed the program. However, while the original threat required user execution, the current version doesn't require any user interaction or passwords."

Matthew
 
Old 04-11-2012, 10:26 AM   #19
ronlau9
Senior Member
 
Registered: Dec 2007
Location: In front of my LINUX OR MAC BOX
Distribution: Mandriva 2009 X86_64 suse 11.3 X86_64 Centos X86_64 Debian X86_64 Linux MInt 86_64 OS X
Posts: 2,369

Rep: Reputation: Disabled
yes that is correct , but it seems to be a rather strange Trojan , anyhow if the next is correct .
It seems to delete it self when you have xcode installed
Anyhow according to :
http://waxy.org/2012/04/flashback_tr...orton_antivir/

Last edited by ronlau9; 04-11-2012 at 10:31 AM.
 
1 members found this post helpful.
Old 04-11-2012, 08:46 PM   #20
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 8,455
Blog Entries: 4

Rep: Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918Reputation: 2918
The main thing that is "exploited" here is simply the ability of "what should be just an ordinary user" to install "an update to Adobe Flash."

Exactly the same vulnerability could likewise be leveraged in any number of other similar scenarios ... say ... "Firefox 11.22.33 is available and it has just been installed." Particularly if you are (as is often the case...) the only "real" user on the machine, significant opportunities for mischief exist by programs that are installed (in advance of any system-defined paths) in "the current user's local directories." Even if said programs do not require elevated privileges in order to execute. The programs are after information, specifically information about you, personally, and people by now are well-conditioned to "blab on-line" about damn near everything.

"No! No! No!! I do not want to know about your in-grown toenails!" Nor do I want to know what whatever you ate for dinner last night looked like before you ate it!
 
1 members found this post helpful.
Old 05-07-2012, 03:16 AM   #21
addux
Member
 
Registered: Dec 2006
Location: In the middle of the ocean.
Distribution: Ubuntu 12.04, Debian Squeeze, Windows 7
Posts: 67

Rep: Reputation: 16
I should add that for Debian you need to be using openjdk and icedtead instead of the sunjava-plugin, to benifit from the security updates I mentioned.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
flashback linux 4 aamerjavaid Linux - Newbie 9 09-07-2011 03:44 AM
Trojan.Malscript.C ciberrust Linux - Server 1 02-18-2010 03:15 PM
LXer: Microsoft's Courtroom Flashback LXer Syndicated Linux News 0 12-02-2006 12:03 PM
Windows ME is a Trojan HadesThunder General 12 04-16-2004 11:34 PM
Possible Trojan ! FreeFox Linux - General 4 08-03-2003 08:52 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 07:57 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration