navigation bar left navigation bar right

Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Sun Java

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Sun Microsystems
And, this specific program:
Oracle Java JRE 1.6.x / 6.x

This thread has been marked as locked.
AudgeB Sun Java
Member 18th Oct, 2010 03:14
Ranking: 0
Posts: 2
User Since: 16th Oct, 2010
System Score: N/A
Location: N/A
Last edited on 18th Oct, 2010 04:02

When run a scan, it comes up with SunJava JRE 1.6.x/6.x 4 times. I can't seem to get rid of it. Why does it list the same program 4 times?
I have patched it and it still shows up.
I have an addition to my previous message. I finally got rid of all the Sun Java threats and proceeded to apply to solution to Picasso. Then I ran the scan again and it came up with Picasso and 2 more Sun Java's.
I'm not sure I like this program.

Henrik Gulbaek Soeborg RE: Sun Java
Member 18th Oct, 2010 05:40
Score: 0
Posts: 2
User Since: 17th Oct 2010
System Score: N/A
Location: N/A
I experence the same. Please correct it.
Was this reply relevant?
+0
-0
TiMow RE: Sun Java
Dedicated Contributor 18th Oct, 2010 08:43
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Hi AudgeB

The program is good, once you know how it works in real life.

When you run a scan, on completion, it will alert you to any insecure programs it has found and give you a Download Solution link to the program vendors update site.
You then download/install update re-boot (should always do this) and re-scan PSI.
Sometimes PSI still reports the insecure program, despite that you've just updated - there must be something not right, you may think.

OK - here's the rub - some program updates don't uninstall/overwrite the older (insecure) version, but create a new one, so PSI scans still continue to find and report this old one until it is removed - normally by the user, manually.
This is a problem created by the program vendors and not Secunia (PSI).

In your case - Google (for Picassa) is known for this, and Sun Java will only uninstall the last version of itself, when you update - any earlier versions are still there.

The key to solving your problems, is to post back with information relating to your Windows OS, which PSI version your using (bottom right of PSI window), and full version numbers of the insecure, and latest updated programs (if you are also able to include their file location/installation path - even better). Otherwise, once you have returned the above information, specific advice can then be offered.

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+1
-0
beckmark RE: Sun Java
Member 18th Oct, 2010 17:24
Score: 0
Posts: 3
User Since: 16th Oct 2010
System Score: N/A
Location: N/A
I cannot get rid of the listed security threat from Java. My PSI version is V1.5.0.2 and my Java is V. 6, which I just updated. This is the only Java listed on my program files. Should I worry about this or just ignore it? Thanks for any advice you may have!
Was this reply relevant?
+0
-0
jonwigham RE: Sun Java
Member 18th Oct, 2010 19:13
Score: 0
Posts: 2
User Since: 28th May 2010
System Score: N/A
Location: N/A
There seems to be a bug in the Java installation. It fails every time when doing the update so I found that if you go to the Java Control Panel in windows control panel and check for an update there, it updates to the latest version of java and your system will be be back at 100% (provided you have all other programs patched that is!)
Was this reply relevant?
+0
-0
Maurice Joyce RE: Sun Java
Handling Contributor 18th Oct, 2010 21:01
Score: 11822
Posts: 9,071
User Since: 4th Jan 2009
System Score: N/A
Location: UK
As U have already been told a new install of JAVA only removes the previous version.

Go to Control Panel>add/remove. Uninstall ALL versions of JRE or JSE or JDK or JAVA(TM) found EXCEPT JAVA(TM) 6 Update 22.

It does NOT MATTER if U remove the lot - Windows works perfectly without JAVA so, if required, U can reinstall the latest version at any time from here:

http://www.java.com/en/download/ie_manual.jsp?loca...

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+4
-0
Henrik_G_S RE: Sun Java
Member 18th Oct, 2010 21:41
Score: 0
Posts: 5
User Since: 18th Oct 2010
System Score: N/A
Location: DK
Thank You.

Got it now.

I remowed all the old files. And deleted them on extern backup harddisk to. Now it works fine.

All the best
Henrik
Was this reply relevant?
+0
-0
Maurice Joyce RE: Sun Java
Handling Contributor 18th Oct, 2010 22:02
Score: 11822
Posts: 9,071
User Since: 4th Jan 2009
System Score: N/A
Location: UK
@Henrik,
Anything on a back up drive is not vulnerable. To eliminate possible "false alarms" in the future U may wish to consider doing this:

CREATING A GLOBAL IGNORE RULE - ALL PSI VERSIONS EXCEPT VERSION 2 (BETA)



1.Click on the SETTINGS tab>scroll to the bottom & click on CREATE IGNORE RULE

2.In the RULE NAME BOX insert the Drive detail - My Backup Drive for example.

3.In the RULE BOX type D:\ (or the drive letter U wish to ignore). If it is the i386 folder use this - C:\windows\i386

4.Click SAVE IGNORE RULE>CLOSE

5.Carry out a full PSI rescan & all should be in order.

All hard drives will continue to be scanned by default but the result from the drives ignored will not be published.


Update 5 16:45 02/09/2010

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+3
-0
Taz_SA RE: Sun Java
Member 19th Oct, 2010 12:28
Score: 1
Posts: 1
User Since: 17th Oct 2010
System Score: N/A
Location: N/A
I was experiencing the same problem. I deleted all previous versions (I had one) in my Control Add/Remove programs, then went directly to Java in Control Panel and updated software there. It fixed the problem.
Was this reply relevant?
+1
-0
Henrik_G_S RE: Sun Java
Member 19th Oct, 2010 16:04
Score: 0
Posts: 5
User Since: 18th Oct 2010
System Score: N/A
Location: DK
Thank You for the tip. Done.
Was this reply relevant?
+0
-0
Maurice Joyce RE: Sun Java
Handling Contributor 19th Oct, 2010 18:08
Score: 11822
Posts: 9,071
User Since: 4th Jan 2009
System Score: N/A
Location: UK
@AudgeB
Looks like everyone else is fixed up. Have U solved your problem?

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
pmigliore RE: Sun Java
Member 19th Oct, 2010 21:56
Score: 0
Posts: 2
User Since: 18th Nov 2008
System Score: N/A
Location: N/A
Maurice,

I have thoroughly reviewed these threads to deal with this problem and continue to suffer no success at ridding myself of the Sun Java JRE 1.6.x / 6.x Category 4 Threat claimed by Secunia v.1.5.0.2 which is running on my Celeron 2.6G with 2Gb RAM under XP. I use a plethora of registry cleaners, anti-malware tools and the like and AVG Free for anti-virus.

Based on your most recent suggestion, I entered XP Control Panel and elminated JAVA updates 18, 20 and including 22 for that matter to ensure all CURRENT as well as PREVIOUS versions were eliminated. (Prior to that, I did the update to v 22 without eliminating anything first; so I went nuclear to ensure there was NO JAVA on this machine).

I am sure, however Secunia still disagrees and continues to warn me that
Sun Java JRE 1.6.x / 6.x is still on my machine.

For that matter, there is also reference to Trend Micro HouseCall ActiveX Control 6.x 6.51.0.1016 as a Category 4 threat and I can find no such SW anywhere on my system. I need help elminating that supposed threat, too. Are these related?

While the Java DL link did bring me to v 22 update, the Trend Micro DL link doesn't do anything. Neither of these lines bring me to the forums, either. I had to get here manually. Am at wits end, wondering what I can do here, as JAVA (so I claim) has been obliterated from my machine --- although the folder references on Secunia when clicked -- still bring me to files listing Java update 18 and 20 folders.

How come? Now what???

Anxiosuly awaiting your wisdom, oh Great One! Your help has been superb in the past. Thanks in advance. PMigliore
Was this reply relevant?
+0
-0
Maurice Joyce RE: Sun Java
Handling Contributor 19th Oct, 2010 22:08
Score: 11822
Posts: 9,071
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Lets deal with JAVA first. To clear all JAVA remove them all via add/remove.

Now do a FULL scan with PSI.

If U still get a vulnerability report what path does it give?

b]FINDING A FILE PATH

ALL PSI VERSIONS EXCEPT VERSION 2 (BETA)[/b]

To locate the exact file that the Secunia PSI has detected, use or switch to the ADVANCED interface, then :

1 Click on the + sign of the programme to "expand' it.
2 Click on Technical Details in the Toolbox to see the installation path of the detected file. (Copy (CTRL+C) & paste (CTRL+V) the Installation Path of the file back to the Forum.

PSI VERSION 2 (BETA)

From the DASHBOARD page click on SCAN RESULTS.

1. This will list all your programmes with a + to the left of each one.
2. Click the + sign next to the item that U want help with.
3. This will reveal the path under DETECTED INSTANCES.
4. Highlight it then copy (CTRL+C) then paste (CTRL+V) that path back to the Forum.


Update 7 18:43 02/10/2010

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+2
-0
vpmigliore RE: Sun Java
Member 20th Oct, 2010 23:27
Score: -6
Posts: 5
User Since: 20th Oct 2010
System Score: N/A
Location: US
Last edited on 20th Oct, 2010 23:41
Hi Maurice,

Sorry for the delay, but I had to set up a new profile to get back into Secunia in order to reply to you. I will check back tonight and again tomorrow for further guidance. I'd really like to get these two matters cleared up.

BTW-- I already did the add/remove part (as mentioned above) and I checked to re-do that again today, but there WAS NO JAVA STUFF to remove. However, the JAVA folders still exist when I EXPLORE for them (both update 18 and update 20).

So while I was UNABLE to add/remove and re-do a full scan, by just opening Secunia, I see both the JAVA and thr TREND MICRO problems (along with a new one for Mozilla 3.6.10 also shows up; I should be able to handle that one myself).

But --
Here is the info on JAVA you requested, via copy and paste, which also confirms those folders exist, even though I cannot remove them via control Add/Remove solution:

Technical details


Technical details about this installation of Sun Java JRE 1.6.x / 6.x, you can use this information to determine why the Secunia PSI detected the program and the security state of it.

Version Detected:
6.0.200.2

Installation Path:
C:\Program Files\Java\jre1.6.0_20\bin\java.exe

Last Inspection of Program:
20th Oct. 2010, 20:53 CET

DOES THIS HELP IN ADVISING ME WHAT TO DO NEXT?

Thank you!
vpmigliore

Was this reply relevant?
+0
-0
Maurice Joyce RE: Sun Java
Handling Contributor 21st Oct, 2010 00:40
Score: 11822
Posts: 9,071
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 21st Oct, 2010 00:49
Very odd that U have lost the uninstallers. Here is my full response to JAVA issues.

I would advise U use JAVARA to remove all the dross.

Just follow the script & all should be OK after a FULL PSI rescan.

JAVA PROBLEMS
Can be used with Windows XP,Vista & Windows 7 - 32 & 64 Bit Systems.

Windows works perfectly well without JAVA.On that basis,U can safely uninstall the lot via Control Panel>Add/Remove. If U change your mind later due to programme dependencies just install & test the latest version from the links provided below.

If time allows this article is worth a read:

http://krebsonsecurity.com/2010/10/java-a-gift-to-...

If U prefer to permanently retain JAVA (many users do) see below:

The following fix is for the more widely used 32 Bit system.(By default 64 Bit systems still use the 32 Bit Browser) Details for a 64 Bit Browser are in PART 3.

PART 1
AUTOMATIC UPDATING OF JAVA
~~~~~~~~~~~~~~~~~~~~~~~~~~
1. If U are using PSI version 2 (BETA) have U tried the Auto Update feature supplied? If not, it is worth a go.
2. If using PSI 1.5.0.2 Go to Start>Control Panel>click on the JAVA icon>select the Update tab>click the Update Now button.

If these options are not available or do not work try this:

MANUAL UPDATING OF 32 BIT JAVA
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Click this link & select run from here:
http://www.java.com/en/download/manual.jsp (select 32 Bit)

To test your JAVA is working correctly use this test link:
http://java.com/en/download/help/testvm.xml

As normal,reboot,carry out a full PSI scan & all should be in order. If not,go to Start>Control Panel>Add/Remove & uninstall ALL version of JAVA(TM),JRE,JSE or JDK that U can see EXCEPT for JAVA(TM) 6 Update 22.

Rescan. In the unlikely event of a vulnerability still showing scroll down to PART 2


OPTIONAL EXTRA'S AFTER UPDATING BY WHATEVER METHOD
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1. Go to Control Panel>JAVA icon>Update Tab and take the tick (check mark) out of box marked "Check for updates auto ....." (This will prevent a Java updater notification from starting each time U switch on your PC - PSI is already doing this job for U)

2. If U prefer not to have the JAVA icon in the System Tray when in use, open the Advanced Tab>look for Miscellaneous>click the + sign & then remove the tick from clearly marked box.

3. U may also wish to speed up your browser by clearing out the JAVA cache & permanently lowering the quota allocation. If U are unsure how to do this post back for more information.

++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++
PART 2

Use the method below as a last resort.

CLEARING OUT OLD JAVA DROSS (32 Bit)
~~~~~~~~~~~~~~~~~~~~~~~~~~~
If U have completed all the above actions & still have a problem it is because the new JAVA uninstaller only removes the previous version. U could still have very old JAVA dross on your system. Try this:

1.Install or double check U have the latest JAVA version (Currently Version 6 Update 22)from here:

http://www.java.com/en/download/manual.jsp (select 32 Bit)

2.This tool will remove all the old dross except for the version U have just installed. Click here:

http://raproducts.org/

*This link takes U to the site - select the Windows Binary (zip) option.
*This will lead U to Sourceforge.net to download it.
*Save the download to desktop.
*Activate the desktop zip icon which exposes the JAVARA EXE file. Click it
*Select RUN when asked.
*Select your language.
*The tool will now appear on the desktop - select REMOVE OLDER VERSIONS
*Once complete select ADDITIONAL TASKS - tick all boxes & activate.
*Right click on the desktop JAVARA zip file & delete it.

3.To test your JAVA is working correctly use this test link: http://java.com/en/download/help/testvm.xml

PART 3

[b]a.If U have, but do not use your 64 Bit Browser, there is no requirement for Java 64 Bit to be installed.If already installed it can safely be removed via Control Panel>Add/Remove (64 Bit versions are clearly marked 64 if U have any)

b.To update this version click here: http://www.java.com/en/download/manual.jsp (select 64 Bit)

c.U can use the 32 Bit browser to install the 64 Bit version.

Update 11 23:33 16/10/2010

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+2
-0
vpmigliore RE: Sun Java
Member 22nd Oct, 2010 06:22
Score: -6
Posts: 5
User Since: 20th Oct 2010
System Score: N/A
Location: US
Whew! Maurice, this was crazy.

Yes it was complicated by ISP time-out issues that were surely unrelated to the issue at hand with JAVA removal, but man -- this was the biggest hassle I've ever had.

I can tell you I was finally successful given your instructions, but the only thing that worked for me (finally) was PART 2: "Use the method below as a last resort".

--- And then only after trying it twice, in sequence, from scratch. The first time I attempted the DL the whole thing crashed. When I finally go it to work, it only removed update 20, and update 18 was still showing in the Secunia source folder -- discovered after running your suggested FULL SCAN after the last resort attempt. So, I started from scratch again and re-ran the raproducts app after downloading it and unzipping it again.

When I did, it indicated the removal of update 18 and, interestingly enough update 21 which I didn't even know I had until I saw the results!

OK, My Main Man -- now that we cleared up the JAVA hassle, "TREND MICRO" still remains and Secunia continues to advise me it is a Category 4 Threat.

NOTES:
Trend Micro HouseCall ActiveX Control 6.x 6.51.0.1016
Installation Path
C:\WINDOWS\Downloaded Program Files\Housecall_ActiveX.dll

Can you help here, too???

Thanks for the assistance.
VPMigliore
Was this reply relevant?
+0
-0
Maurice Joyce RE: Sun Java
Handling Contributor 22nd Oct, 2010 09:20
Score: 11822
Posts: 9,071
User Since: 4th Jan 2009
System Score: N/A
Location: UK
At some stage U have used the freebie online scanner. It uses ActiceX. Just navigate to the file RIGHT click & delete it.

Full rescan & U should be 100%.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+1
-0
beckmark RE: Sun Java
Member 22nd Oct, 2010 15:48
Score: 0
Posts: 3
User Since: 16th Oct 2010
System Score: N/A
Location: N/A
I have tried and tried to remove Java 20 from my computer (this is the only version it shows) on the Add/Remove Programs. It gets to the point where it says it is configuring Java and has a green progress bar; then it stops moving and locks up the computer and I can do nothing but shut off the power. I am not comfortable with advanced stuff. Is there anything I can do short of taking it to my local computer shop? Thanks!
Was this reply relevant?
+0
-0
Maurice Joyce RE: Sun Java
Handling Contributor 22nd Oct, 2010 18:10
Score: 11822
Posts: 9,071
User Since: 4th Jan 2009
System Score: N/A
Location: UK
@Beckmark

What path is PSI showing U to the vulnerability?
FINDING A FILE PATH

ALL PSI VERSIONS EXCEPT VERSION 2 (BETA)


To locate the exact file that the Secunia PSI has detected, use or switch to the ADVANCED interface, then :

1 Click on the + sign of the programme to "expand' it.
2 Click on Technical Details in the Toolbox to see the installation path of the detected file. (Copy (CTRL+C) & paste (CTRL+V) the Installation Path of the file back to the Forum.

PSI VERSION 2 (BETA)

From the DASHBOARD page click on SCAN RESULTS.

1. This will list all your programmes with a + to the left of each one.
2. Click the + sign next to the item that U want help with.
3. This will reveal the path under DETECTED INSTANCES.
4. Highlight it then copy (CTRL+C) then paste (CTRL+V) that path back to the Forum.


Update 7 18:43 02/10/2010




--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+1
-0
vpmigliore RE: Sun Java
Member 22nd Oct, 2010 20:47
Score: -6
Posts: 5
User Since: 20th Oct 2010
System Score: N/A
Location: US
Right again, Oh Great One!

(Well, sort of . . . ).

You directed me to (accidentally) read the folder instruction, and it led me to the Active X file location, but only by using the CMD Prompt to get into the directory where it was hiding, and then digging waaaaaaay down into bag of MS DOS 3.1 skills, I was able to ">del Housecall_ActiveX.dll" and save the day.

Once again, as everyone has said, "Trust me -- if Secunia says it's a risk and it's there, it's there."

Just access your puzzle -solving skills, get a large cup of JAVA (pun intended) and sit back and hack away (double pun) at the problem. Thanks again, Maurice. Stay well !

VPMigliore
Was this reply relevant?
+0
-0
AudgeB RE: Sun Java
Member 22nd Oct, 2010 22:01
Score: 0
Posts: 2
User Since: 16th Oct 2010
System Score: N/A
Location: N/A
Just got around to it. I uninstalled all the Java programs except the latest and also uninstalled Picasso since I never use it. The scan comes up great now...no problems.
Thanks a lot.
Was this reply relevant?
+0
-0
Maurice Joyce RE: Sun Java
Handling Contributor 22nd Oct, 2010 22:11
Score: 11822
Posts: 9,071
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Good News.

If all your problems are now resolved could U please lock (Accept) the thread. This will prevent us both from receiving update emails from "tag on" posts.



--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
beckmark RE: Sun Java
Member 23rd Oct, 2010 15:42
Score: 0
Posts: 3
User Since: 16th Oct 2010
System Score: N/A
Location: N/A
C:\Program Files\Java\jre6\bin\java.exe
Was this reply relevant?
+0
-0
Maurice Joyce RE: Sun Java
Handling Contributor 23rd Oct, 2010 15:57
Score: 11822
Posts: 9,071
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Restart your PC - as soon as it starts keep tapping the F8 key.

A black screen will appear with some options. Navigate the options with the up/down keys until the SAFE MODE is highlighted - now press ENTER.

This will take U to Safe Mode (the graphics will be large which is normal).

Once loaded try to uninstall from Control Panel>add/remove. Remove all JRE or JSE or JDK or JAVA(TM).

Once finished just reboot - normal Windows will load.

If U managed to delete it/them run a FULL PSI scan. Are there any JAVA elements showing?

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
 
Secunia © 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+