If you have not ready up on the ZDNet and other posts regarding this exploit here is a link to an article talking in more depth. If you are still on Java 6 you are vulnerable to this Java vulnerability. Java 7 update 21 and earlier are also exposed. There is an exploit kit available to hackers for $450 dollars. They can purchase a way to exploit this vulnerability off the shelf. This means it is past time to upgrade your Java runtime.
So, Shavlik Protect users, here are some easy steps to create a scan template to allow you to deployupgrade Java 7 update 25 to your machines to ensure they are up to date.
For users on Protect 9.0 the steps are as follows:
- Create a new Patch Group by clicking on the +New > Patch Group…
- Name the Patch Group “Java 7 Software Distribution”
- Click add and sort by QNumber column. Select QJAVA7U25N and QJAVA7U25X64N and save the patch group.
- Click +New > Patch Scan Template… and name it Java 7 Software Distribution
- On the Filtering tab uncheck the Patch Type > Security Patches and Patch filter settings set to “Scan Selected” and click the “…” button and select the “Java 7 Software Distribution” patch group.
- Click on the “Software Distribution” tab and check the box to enable Software Distribution. Save the scan template.
- Scan and Deploy the Java 7 update 25.
The best way to protect against this zero day is to eliminate the presence of Java 6 and this should be an easy way to do so.