Sun Java Removed by Security as Severe Alert

Discuss setup / installation issues - Add a spell checker, Language pack?

Sun Java Removed by Security as Severe Alert

Postby Silo » Tue Jul 20, 2010 3:48 am

Hello,

I downloaded Open Office 3.2 Thursday evening to open a document sent to me by a friend. Friday morning a scheduled scan by Microsoft Security Essentials discovered and removed Exploit Java/CVE 2008-5353 KM from Sun Java found in Open Office.
Open Office 3.2
Vista, Home Premium
Silo
 
Posts: 2
Joined: Tue Jul 20, 2010 3:25 am

Re: Sun Java Removed by Security as Severe Alert

Postby thomasjk » Tue Jul 20, 2010 5:18 am

Its most likely a false positive. Did you download from here http://download.openoffice.org/index.html?
Tom K.
Windows 7 Home Premium
LibreOffice 4.2.3.3
thomasjk
Moderator
 
Posts: 3602
Joined: Tue Dec 25, 2007 4:52 pm
Location: North Carolina

Re: Sun Java Removed by Security as Severe Alert

Postby Bill » Tue Jul 20, 2010 9:36 am

It shouldn't be in OOo 3.2.1. That vulnerability was in JRE 6 Update 10 and earlier. OOo 3.2.1 installs JRE 6 Update 20. Do you have any old JRE Updates still installed? I have OOo 3.2.1 installed on Vista and an MSE scan didn't find this threat.

http://cve.mitre.org/cgi-bin/cvename.cg ... -2008-5353
Bill
 
Posts: 3322
Joined: Sat Nov 24, 2007 6:48 am

Re: Sun Java Removed by Security as Severe Alert

Postby Silo » Thu Jul 22, 2010 3:51 am

Thank you all for your replies.

I would like to think it was a false positive since I enjoyed working with Open Office. Also, I have Java 6 update 21 installed, only. Prior versions are always removed, in some cases with JavaRa, before installing updates. Also I downloaded Open Office from its official website, at the link in thomasjk's reply. Could this alert possibly stem from the document I received which may have been composed using an older version of Open Office? I do not know. I do know it was not a false positive since Microsoft offers some information on the alert and more can be found in Google.

Exploit Java/CVE-20080-5353.KM
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Exploit%3aJava%2fCVE-2008-5353.KM&threatid=2147636287

At this point I have uninstalled everything involved, including Sun Java although I know I may eventually need it, which is unfortunate.

Again thank you all and I hope to return to Open Office again one day.
Silo
 
Posts: 2
Joined: Tue Jul 20, 2010 3:25 am

Re: Sun Java Removed by Security as Severe Alert

Postby thomasjk » Thu Jul 22, 2010 5:21 am

Well I'm running MSE and Java 1_6 update 20. I don't see this issue at all with V3.2.1 on Win 7.
Tom K.
Windows 7 Home Premium
LibreOffice 4.2.3.3
thomasjk
Moderator
 
Posts: 3602
Joined: Tue Dec 25, 2007 4:52 pm
Location: North Carolina

Re: Sun Java Removed by Security as Severe Alert

Postby Tinkerm » Wed Jul 28, 2010 6:54 pm

Removed the first instance now got another
First Exploit:/Java/CVE-2009-3867.GM
SecondExploit:/Java/CVE-2008-3867.GM


Both Severe

MSE states file in C:\appData\locallow\Sun\Java\Department\cache\6.0\4.3\53509ab-4869787d>main.class

In my Active X there were 4 viruses associated with this, all called "Deployment Toolkit"
DEPLOYJAVA1.DLL

Disabeled them in my Win Patrol but seems there is no patch to delete them. Have no idea where this is coming from as went to the manufactures website for the download and it does have Open Office add on the download.

I am not a member of Open Office but was before my computer crashed and just have not added it back as I had to do a clean install, nothing to do with Open Office. But before I do I am concerned as to why this is happening, and would appreciate any help to get rid of this on my active x's.

Thank You
VistaOpenOffice 3.1 on Windows Vista
Tinkerm
 
Posts: 4
Joined: Wed Jul 28, 2010 6:41 pm

Re: Sun Java Removed by Security as Severe Alert

Postby RoryOF » Wed Jul 28, 2010 7:34 pm

What happens if you D/L and install Java 1.6.21, check it for virus, then D/L and install OOo without Java?
Apache OpenOffice 4.0.1 on Xubuntu 14.04 and Win2K/XP
User avatar
RoryOF
Moderator
 
Posts: 14373
Joined: Sat Jan 31, 2009 9:30 pm
Location: Ireland

Re: Sun Java Removed by Security as Severe Alert

Postby Tinkerm » Wed Jul 28, 2010 7:53 pm

Here is the strange part, I have again downloaded 1.6.21 and looks like everything is good, scanned and it says its fine. The on my tool bar a icon will come up to update Jave and that is where the virus seems to be coming from. Not sure what you mean by install Ooo without Java? Running two scanners right now, Microsoft new Full Service and MS Malicious to see if anything comes up.

Thank you for a fast reply..!
VistaOpenOffice 3.1 on Windows Vista
Tinkerm
 
Posts: 4
Joined: Wed Jul 28, 2010 6:41 pm

Re: Sun Java Removed by Security as Severe Alert

Postby Tinkerm » Wed Jul 28, 2010 8:11 pm

Ok wow I do have Open Office on my computer, had no idea as there is no desktop icon, and nothing in my start or programs showing it as downloaded but its there and it obviously is the problem. So I have removed all files and hope the disabeled ones in Active X stay that way. So some how when I downloaded Java it just put it on my computer, not happy about that and writing Sun Java home page as that is where I got the download and I saw that it mentioned you could use it with Open Office and all the benifits but it never said it was being downloaded. Thanks hope this may help others, be careful when you download that there is nothing elese attached.
VistaOpenOffice 3.1 on Windows Vista
Tinkerm
 
Posts: 4
Joined: Wed Jul 28, 2010 6:41 pm

Re: Sun Java Removed by Security as Severe Alert

Postby RoryOF » Wed Jul 28, 2010 8:35 pm

It is possible to D/L OpenOffice with or without Java. Use www.openoffice.org and click on the download link. Do not accept the version offered, but click on "Get all platforms" link (under the version offered link), then pick a version for your language without Java.
Apache OpenOffice 4.0.1 on Xubuntu 14.04 and Win2K/XP
User avatar
RoryOF
Moderator
 
Posts: 14373
Joined: Sat Jan 31, 2009 9:30 pm
Location: Ireland

Re: Sun Java Removed by Security as Severe Alert

Postby Tinkerm » Wed Jul 28, 2010 8:38 pm

Thank you I lost my Office when my PC crashed and since it came installed no way to get it back with a complete restore its gone. And I like Open Office so much better. Thank you will do that now.
VistaOpenOffice 3.1 on Windows Vista
Tinkerm
 
Posts: 4
Joined: Wed Jul 28, 2010 6:41 pm

Re: Sun Java Removed by Security as Severe Alert

Postby Bill » Wed Jul 28, 2010 11:49 pm

Tinkerm wrote:MSE states file in C:\appData\locallow\Sun\Java\Department\cache\6.0\4.3\53509ab-4869787d>main.class

That file is in the Java cache and was probably from a Website you visited. I doubt that it was installed by either Java or OpenOffice.org. I have both installed and that file doesn't exist on my system. It just showed up on your MSE scan because it was added to the definitions on 26 Jul 2010. You might be able to delete it just by clearing the Java cache using the Java Control Panel.
Bill
 
Posts: 3322
Joined: Sat Nov 24, 2007 6:48 am


Return to Install, Setup and Troubleshooting

Who is online

Users browsing this forum: RusselB and 15 guests