Trust-based environments safe against Java vulnerability

Bit9 : 15 January 2013 (Technical Article)
Bit9 comments on the recently announced Java platform vulnerability, stating that users of trust-based environments are unaffected.

Following last week’s discovery of a major security vulnerability in Java, Bit9 engineer Chris Lord says that being vulnerable is a matter of trust.

In summary, Bit9 says that if an enterprise is running a trust-based security platform, then the doom and gloom of a situation such as this one is largely inconsequential. If you only allow software you trust to run in your environment, then you really can’t be adversely affected by this or any similar vulnerability.

The media doomsayers with their calls for PC users to disable Java in the wake of a vulnerability identified last Thursday were chilling. Now that Oracle has released a JDK 7 update that addresses the Java vulnerability (which made the media rounds almost as fast as it was picked up by the exploit kits), it’s time to chill. Software is and will continue to be vulnerable.
 
Mat Honan’s note in SANS NewsBites summed it up best: “It seems each time a zero day exploit is found in software, be that Java or otherwise, the industry pundits recommend that people stop using that software. New vulnerabilities will always be discovered in the software we use. If our best defence to a threat is to cause a denial-of-service on ourselves, then this in the long term is a no-win strategy for us as an industry. We need to be looking at better ways to defend our systems and data; one good place to start is the 20 Critical Security Controls.”
 
Follow the prevailing guidance to disable Java if you don’t need it, but what about the next 0day? The folks over at SANS shared Immunity's analysis of the Java MBeanInstantiator.findClass vulnerability. Three interesting observations: JDK 6 and likely 5 are both vulnerable; other sandboxed runtime environments with rich APIs have similar risks; and this vulnerability was already being widely exploited for mass malware installation in advance of its disclosure.
 
More doom? No, but a clear call for approaches that help mitigate such threats. A trust-based approach to application control and whitelisting can help contain any damage, whether it starts inside a sandbox or with a native application. You don’t need to disable Java; you need to prevent the malware that exploits this (and the inevitable next) vulnerability from running. That’s exactly what we do.
 
A trust-based security solution can track all the Java files (and all the other applications) in your environment. Those you trust are allowed to run; those you don’t are blocked. If you haven’t turned on support for tracking Java, then you’re missing part of your best defence.
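As an added illustration of the allow/block decision the article describes (example code written for this page, not Bit9's product), the toy policy below approves files by SHA-256 against an administrator's trust list and treats the "tracking Java" setting as a switch that decides whether .jar and .class files are in scope at all; the file names, hashes and the `track_java` flag are constructed assumptions.

```python
import hashlib
import os
import tempfile

JAVA_SUFFIXES = (".jar", ".class")
NATIVE_SUFFIXES = (".exe", ".dll", ".so")


def sha256_of(path):
    """Hash a file in chunks so large archives do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def decide(path, approved, track_java):
    """Trust-based verdict for one execution or class-load request.
    approved: set of SHA-256 hex digests the administrator trusts.
    track_java: whether Java artefacts are within enforcement scope.
    Returns (verdict, reason) with verdict 'allow' or 'block'."""
    suffix = os.path.splitext(path)[1].lower()
    if suffix in JAVA_SUFFIXES and not track_java:
        # The gap the article warns about: untracked Java files are never hashed,
        # so an unknown JAR dropped by an exploit runs just like a trusted one.
        return "allow", "java-not-tracked"
    if suffix not in JAVA_SUFFIXES + NATIVE_SUFFIXES:
        return "allow", "not-an-executable-type"
    digest = sha256_of(path)
    if digest in approved:
        return "allow", "trusted:" + digest[:12]
    return "block", "untrusted:" + digest[:12]


def demo():
    """Constructed scenario: one approved JAR and one unknown JAR of the same type."""
    d = tempfile.mkdtemp()
    good = os.path.join(d, "approved-app.jar")
    unknown = os.path.join(d, "dropped-payload.jar")
    with open(good, "wb") as f:
        f.write(b"PK\x03\x04 constructed approved jar contents")
    with open(unknown, "wb") as f:
        f.write(b"PK\x03\x04 constructed unknown jar contents")
    approved = {sha256_of(good)}  # only the admin-reviewed file is trusted
    return {
        "untracked": (decide(good, approved, False)[0], decide(unknown, approved, False)[0]),
        "tracked": (decide(good, approved, True)[0], decide(unknown, approved, True)[0]),
    }


if __name__ == "__main__":
    print(demo())  # {'untracked': ('allow', 'allow'), 'tracked': ('allow', 'block')}
```

With Java tracking off both JARs run; with it on, only the hash on the trust list is allowed and the unknown file is blocked regardless of which vulnerability delivered it.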

   © 2012 ProSecurityZone.com