13 Jan Patch update eliminates Java exploit infecting computers with FBI virus
Oracle Patch Eliminates Java Exploit Being Used to Install FBI Virus
Good news! Oracle has released a patch to update Java. This update will fix the vulnerability that was being used to install the Reveton Ransomware (aka FBI Virus) on unsuspecting users’ computers.
Simply follow the instructions on the Java installer page to get the latest version of Java installed on your computer.
If you have been infected, give us a call at 570.474.5100 to set up an appointment or bring your computer to us to have the virus removed. Click here for directions to our office in Mountain Top, PA.
Java Exploit Eliminated, Virus Remains At Large
On Sunday night, Naked Security published a blog post alerting everyone that the patch was now available. Once installed, the latest version does eliminate the current Java exploit. However, the virus is still out there and can infect computers that are not running the latest version of Java. There also still exists other ways to be infected by the virus.
We therefore recommend leaving Java disabled unless there is a specific need for it. Other vulnerabilities may still exist, and there is always the threat of new Java exploits in the future. Unfortunately, there is no way to make the web 100% safe. If you do need to keep Java enabled, make sure you trust the applets that you need to run and be wary of sites that load malicious applets without your knowledge.
The FBI Virus, Explained
In case you missed it, on Friday we published a blog post about a recent Java exploit that was installing the so-called FBI Virus on users’ computers and how to disable Java to avoid infection.
The FBI Virus locks users’ computers and displays a bogus message purporting to be from the FBI, stating that the computer was being used for illegal activity (pirated software, illegally downloaded movies and music, child pornography and hacking, for example) and the owner would need to pay a fine to restore their computer. In actuality, the message had nothing to do with the FBI and was, instead, from computer criminals demanding a ransom.
As was often the case, this ransom was more expensive than what we would normally charge to remove a virus and carried no guarantee that the computer would ever be unlocked. As such, we still recommend customers and clients bring their computers to us if they suspect they have been infected rather than paying the amount being demanded by the message. Again, the message is NOT from the FBI and carries no legal weight.
We’ll have more information as the situation develops, but at present, this most recent threat seems to be eliminated.