User avatar
iamwjh
Posts: 135
Joined: Sun Dec 16, 2012 8:08 pm
Delivery Date: 15 Dec 2012
Leaf Number: 020318
Location: Clearwater, Florida

Re: malicious software on this site

Tue Jan 15, 2013 6:23 pm

Should we all disable the javascript in Interweb options settings?
mirko wrote:
vrwl wrote:My computer did catch a malware file at 3:15pm CST this afternoon when I bypassed the warnings and went ahead and came onto the site. It was a Java file, but I didn't write down the name of it before I had the quarantined file removed.
Since it looks like it may have been Java, I wonder if it has to do with this Tech Alert from Homeland Security...

http://www.us-cert.gov/cas/techalerts/TA13-010A.html
Alert (TA13-010A)
Oracle Java 7 Security Manager Bypass Vulnerability

Overview
A vulnerability in the way Java 7 restricts the permissions of Java applets could allow an attacker to execute arbitrary commands on a vulnerable system.
EXCELLENT!

DaveinOlyWA
Posts: 14158
Joined: Sat Apr 24, 2010 7:43 pm
Delivery Date: 16 Nov 2019
Leaf Number: 319862
Location: Olympia, WA
Contact: Website

Re: malicious software on this site

Tue Jan 15, 2013 7:05 pm

fine, i will run a scan. i average about 100 malware files a week. my security habits must suck...
2011 SL; 44,598 miles. 2013 S; 44,840 miles.2016 S30 deceased. 29,413 miles. 2018 S40; 25,185 miles SOH 92.23%
My Blog; http://daveinolywa.blogspot.com" onclick="window.open(this.href);return false;

User avatar
planet4ever
Posts: 4674
Joined: Sat Apr 03, 2010 9:53 pm
Delivery Date: 02 May 2011
Leaf Number: 1537
Location: Morgan Hill, CA, south of San Jose

Re: Early Capacity Losses-Was(Lost a bar...down to 11)

Tue Jan 15, 2013 7:16 pm

Joeviocoe wrote:My Win7 Google Chrome and my ChromeOS Chromium both are detecting malicious code on this site.
This has nothing to do specifically with this thread. Website issues should be, and are, discussed in in the Website/Forum Discussions section. See the following thread, where the webmaster (wxxyz) discusses the issue and explains why it is not a real problem:
http://www.mynissanleaf.com/viewtopic.php?f=17&t=11252

Ray
End of April 2013: Traded my 2011 SL for a 2013 S with charge pkg.

cwerdna
Posts: 9756
Joined: Fri Jun 03, 2011 4:31 pm
Delivery Date: 28 Jul 2013
Location: SF Bay Area, CA

Re: malicious software on this site

Tue Jan 15, 2013 7:24 pm

iamwjh wrote:Should we all disable the javascript in Interweb options settings?
JavaScript is NOT equal to Java, nor is JavaScript a slimmed down version of Java.

See http://stackoverflow.com/questions/4334 ... -come-from" onclick="window.open(this.href);return false;, for example.

If you disable JavaScript in your browsers, you'll find a lot of stuff on the web won't work.

Many people don't need Java (from Sun, now owned by Oracle) on their machines at all. If you don't, I suggest you uninstall it, to reduce attack surface. For those that do, it might be a good idea to disable it in your browser. See http://www.zdnet.com/how-to-disable-jav ... 000009732/" onclick="window.open(this.href);return false;.
DaveinOlyWA wrote:fine, i will run a scan. i average about 100 malware files a week. my security habits must suck...
Are the actually malware or are they actually cookies (which actually aren't malicious)? What anti-virus and/or anti-malware software are you running?

I'm assuming you're on a Windows machine. Are you making sure you're up to date w/all critical updates? MS generally releases them on http://en.wikipedia.org/wiki/Patch_Tuesday" onclick="window.open(this.href);return false;. What browser are you running? Keeping it up to date? How about keeping other components like Adobe Flash and Adobe Reader (if they're installed) up to date?

'19 Bolt Premier
'13 Leaf SV w/premium package (owned)
'13 Leaf SV w/QC + LED & premium packages (lease over, car returned)

Please don't PM me with Leaf questions. Just post in the topic that seems most appropriate.

User avatar
planet4ever
Posts: 4674
Joined: Sat Apr 03, 2010 9:53 pm
Delivery Date: 02 May 2011
Leaf Number: 1537
Location: Morgan Hill, CA, south of San Jose

Re: malicious software on this site

Tue Jan 15, 2013 7:55 pm

cwerdna wrote:Many people don't need Java (from Sun, now owned by Oracle) on their machines at all. If you don't, I suggest you uninstall it, to reduce attack surface. For those that do, it might be a good idea to disable it in your browser. See http://www.zdnet.com/how-to-disable-jav ... 000009732/" onclick="window.open(this.href);return false;.
The problem is that as a user you are rarely aware of when Java is being used under the covers, so you might be very sorry if you uninstall it. It's my impression that the current exposure only affects use of Java by browsers, so disabling in in your browser is likely to be less disruptive.

I tried to do that on Sunday, and discovered that the technique you pointed to didn't work, because the level of Java I had didn't include the control option needed. My hope that my old version of Java might be immune to the problem was short lived.

There is a way in Firefox to disable Java:Tools -> Add-ons -> Java
You will probably see a red warning that it is known to be vulnerable. Click Disable.

Unfortunately there is nothing comparable in Internet Explorer; yet another reason to stop using that piece of crap from Microsoft.

Incidentally, I did discover that the Help facility for one program I use is implemented as a browser window, and that search through the help has stopped working. I can live with that until the dust settles on this mess.

Ray
End of April 2013: Traded my 2011 SL for a 2013 S with charge pkg.

DaveinOlyWA
Posts: 14158
Joined: Sat Apr 24, 2010 7:43 pm
Delivery Date: 16 Nov 2019
Leaf Number: 319862
Location: Olympia, WA
Contact: Website

Re: malicious software on this site

Tue Jan 15, 2013 8:08 pm

planet4ever wrote:
cwerdna wrote:Many people don't need Java (from Sun, now owned by Oracle) on their machines at all. If you don't, I suggest you uninstall it, to reduce attack surface. For those that do, it might be a good idea to disable it in your browser. See http://www.zdnet.com/how-to-disable-jav ... 000009732/" onclick="window.open(this.href);return false;.
The problem is that as a user you are rarely aware of when Java is being used under the covers, so you might be very sorry if you uninstall it. It's my impression that the current exposure only affects use of Java by browsers, so disabling in in your browser is likely to be less disruptive.

I tried to do that on Sunday, and discovered that the technique you pointed to didn't work, because the level of Java I had didn't include the control option needed. My hope that my old version of Java might be immune to the problem was short lived.

There is a way in Firefox to disable Java:Tools -> Add-ons -> Java
You will probably see a red warning that it is known to be vulnerable. Click Disable.

Unfortunately there is nothing comparable in Internet Explorer; yet another reason to stop using that piece of crap from Microsoft.

Incidentally, I did discover that the Help facility for one program I use is implemented as a browser window, and that search through the help has stopped working. I can live with that until the dust settles on this mess.

Ray
ya, have to go with Andrew on this one. Java is disabled by default in all common browsers

Javascript however is the basic requirement to browse the internet. nearly all interactive content uses it unless you have text only browsing
2011 SL; 44,598 miles. 2013 S; 44,840 miles.2016 S30 deceased. 29,413 miles. 2018 S40; 25,185 miles SOH 92.23%
My Blog; http://daveinolywa.blogspot.com" onclick="window.open(this.href);return false;

Joeviocoe
Posts: 74
Joined: Wed Jun 23, 2010 6:27 pm
Contact: Website

Re: Early Capacity Losses-Was(Lost a bar...down to 11)

Tue Jan 15, 2013 8:22 pm

planet4ever wrote:
Joeviocoe wrote:My Win7 Google Chrome and my ChromeOS Chromium both are detecting malicious code on this site.
This has nothing to do specifically with this thread. Website issues should be, and are, discussed in in the Website/Forum Discussions section. See the following thread, where the webmaster (wxxyz) discusses the issue and explains why it is not a real problem:
http://www.mynissanleaf.com/viewtopic.php?f=17&t=11252

Ray
Thanks, read the thread... looks like it took a few hours for Google to update and declare the site free of bad code.

I just prefer to be safe than sorry, and I always sandbox up when bypassing the warnings... just as vrwl seemed to have got something bad around the time he did so.

mirko
Posts: 131
Joined: Thu Apr 19, 2012 6:26 pm
Delivery Date: 22 Apr 2012
Leaf Number: 18088
Location: Jupiter, FL

Re: malicious software on this site

Tue Jan 15, 2013 8:22 pm

iamwjh wrote:Should we all disable the javascript in Interweb options settings?
It is actually "Java" not "JavaScript" that is the culprit. They are two different animals. Apparently there is an update for Java that fixes the security problem. You can either update Java or disable Java in your browser. No need to disable JavaScript for this issue.
-=mirko=-
2012 Nissan LEAF SL Glacier Pearl

cwerdna
Posts: 9756
Joined: Fri Jun 03, 2011 4:31 pm
Delivery Date: 28 Jul 2013
Location: SF Bay Area, CA

Re: malicious software on this site

Tue Jan 15, 2013 8:29 pm

mirko wrote:
iamwjh wrote:Should we all disable the javascript in Interweb options settings?
It is actually "Java" not "JavaScript" that is the culprit. They are two different animals. Apparently there is an update for Java that fixes the security problem. You can either update Java or disable Java in your browser. No need to disable JavaScript for this issue.
Yep. Mirko's right. Supposedly Java 7 update 11 fixes the vulnerability that the zero-day exploit was targeting. However, this may have nothing to do w/the original post.

'19 Bolt Premier
'13 Leaf SV w/premium package (owned)
'13 Leaf SV w/QC + LED & premium packages (lease over, car returned)

Please don't PM me with Leaf questions. Just post in the topic that seems most appropriate.

kubel
Posts: 1609
Joined: Mon Feb 13, 2012 11:38 am
Leaf Number: 19628
Location: Southeast Michigan

Re: malicious software on this site

Tue Jan 15, 2013 8:52 pm

Looks like it's cleared up now on Chrome.
2012 Nissan LEAF SV
20% degradation in 42k miles
Leased 5-17-2012, Returned 1-15-2016


2017 Chevy Volt LT
Siren Red Tintcoat
Leased 10-21-2016

Return to “Website/Forum Discussions”