Findings of CW Shredder and MS VM

[James]

CW Shredder informed me that the one infection it removed was probably
caused through the bug in MS's Java Virtual Machine which it claims is
already classified as a trojan strain by AV companies.

It suggested that to prevent a re-infection I should either install SP1a
(which seems dumb given SP2 being so close) OR download the ByteVerifier
patch on the MS site OR remove MS Java VM.

Suggestions?

 

[GwD]

Install Service Pack 1a and all updates. If not then your just asking for
trouble.

 

[Guest]

James,

Please install SP1 (or SP1a), and all critical updates. If need Java, get it
here:

http://java.com/en/index.jsp

Also see:

Spyware and Virus Removal and Prevention:
http://www.fixyourwindows.com/windowsxpsolutions.htm

How to optimize Windows XP, 2000, ME
for the best performance (Step-by-step Visual Guide):
http://www.fixyourwindows.com

Good Luck!

 

[James]

Hi (and thanks for your suggestions)

But I already have SP1. Is SP1a an update or a patch?

james

 

[GTS]

SP1a is essentially the same as SP1 without the Java VM. This message (in a
confusing manner) is telling you to either patch your java vm or get rid of
it. Unless you're sure you don't want java (which will limit some web
activities), you should make sure to process all Critical updates and check
your IE security settings.

 

[James]

SP1a is essentially the same as SP1 without the Java VM. This message (in a
confusing manner) is telling you to either patch your java vm or get rid of
it. Unless you're sure you don't want java (which will limit some web
activities), you should make sure to process all Critical updates and check
your IE security settings.

Okay... we're dealing with someone quite unknowledgeable about these
things. I rarely use IE (I use Firefox and Opera) and as such the Java
that I use, to my knowledge anyway, is what was downloaded and installed
in Mozilla and in Opera.

But am I right in assuming that since IE will always be on my system
(and no doubt at some point I will use it) I should go to the MS site
and download the patch for this Java VM? Or can I just safely ignore it?

 

[CS]

Okay... we're dealing with someone quite unknowledgeable about these
things. I rarely use IE (I use Firefox and Opera) and as such the Java
that I use, to my knowledge anyway, is what was downloaded and installed
in Mozilla and in Opera.

But am I right in assuming that since IE will always be on my system
(and no doubt at some point I will use it) I should go to the MS site
and download the patch for this Java VM? Or can I just safely ignore it?

James:

Ignore it. There's nothing wrong with the MS Java, either the older
version or the update. If you've got SP-1 installed, leave well
enough alone. I also use Firefox without problems.

Anyway, SP-2 has been released to manufacturing today and should start
to be available before the end of the month.

 

[Wesley Vogel]

Windows XP SP1a is the same as Windows XP SP1 except that the Microsoft
virtual machine (VM) is removed in SP1a.

Differences Between Windows XP SP1 and Windows XP SP1a
http://support.microsoft.com/default.aspx?kbid=813926

 

[GTS]

Okay... we're dealing with someone quite unknowledgeable about these
things. I rarely use IE (I use Firefox and Opera) and as such the Java
that I use, to my knowledge anyway, is what was downloaded and installed
in Mozilla and in Opera.

But am I right in assuming that since IE will always be on my system
(and no doubt at some point I will use it) I should go to the MS site
and download the patch for this Java VM? Or can I just safely ignore it?

Yes, that's essentially correct. You cannot fully remove IE. You will need
it, if nothing else, for the purpose of doing critical updates, which you
should be doing regularly. Also, IEs internals may be used by other
processes. Given the fact that you were already were hit with a Trojan
through this vulnerability, why not simply do the update? It's true that
SP2 is coming soon and will address this and more, but why wait?

 

[Alex Nichol]

CW Shredder informed me that the one infection it removed was probably
caused through the bug in MS's Java Virtual Machine which it claims is
already classified as a trojan strain by AV companies.

It suggested that to prevent a re-infection I should either install SP1a
(which seems dumb given SP2 being so close) OR download the ByteVerifier
patch on the MS site OR remove MS Java VM.

You should make sure that at Windows Update you get the Java update
816093 that takes you to the latest, and final build, 3810. Installing
SP1a or SP 2 will do no good at all as neither includes Java, under the
Court ruling in the case brought by Sun

 

[James]

James wrote:




You should make sure that at Windows Update you get the Java update
816093 that takes you to the latest, and final build, 3810. Installing
SP1a or SP 2 will do no good at all as neither includes Java, under the
Court ruling in the case brought by Sun

But Alex, I'm not using MS Java but rather the latest Java from Sun. I
use Firefox and Opera as my primary browsers and took Sun's Java which
came bundled. So do I still need to get this other patch? I just want to
ensure that I'm safe. I have no intentions of using IE so I'm not sure
why I need to download 816093. Thanks.

 

[Alex Nichol]

But Alex, I'm not using MS Java but rather the latest Java from Sun. I
use Firefox and Opera as my primary browsers and took Sun's Java which
came bundled. So do I still need to get this other patch? I just want to
ensure that I'm safe. I have no intentions of using IE so I'm not sure
why I need to download 816093. Thanks.

In that case you need do nothing. At sometime along the road an earlier
version of the MS Java got installed, and is available, and CWShredder
is noticing. it would come into use if the Sun Control Panel Java
applet - Browsers page does not have it checked to that with IE and you
then used IE to access a page that does not work with Sun. As long as
you do not use it you are safe enough.

 

[Wesley Vogel]

Remove Microsoft Java Virtual Machine and Install Sun Java™
http://www.windows-help.net/WindowsXP/howto-21.html

Skip the Install Sun Java part.