I know that many spyware programs get installed by either downloading other
programs that come with it bundled (ie. file-sharing apps) or by using
ActiveX controls. What I want to know is are there any known Spyware
programs/Hijackers out there that install by using Java (maybe using a
security weakness) or by some other similar means?
Thanks.
"John Ives" <aaaaaaaaa@hotmail.com> wrote in message
news:3f451f3f@212.67.96.135...
> I know that many spyware programs get installed by either downloading
other
> programs that come with it bundled (ie. file-sharing apps) or by using
> ActiveX controls. What I want to know is are there any known Spyware
> programs/Hijackers out there that install by using Java (maybe using a
> security weakness) or by some other similar means?
>
> Thanks.
>
>
FAQ # 4 of our NG's FAQ.
http://shplink.com/misc/FAQ.htm
HTH
--
siljaline
"Arguing with anonymous strangers on the Internet is a sucker's game
because they almost always turn out to be -- or to be indistinguishable from
-- self-righteous sixteen-year-olds possessing infinite amounts of free
time."
- Neil Stephenson, _Cryptonomicon_
John Ives <aaaaaaaaa@hotmail.com> wrote:
> What I want to know is are there any known Spyware programs/Hijackers out
> there that install by using Java (maybe using a security weakness) or by
> some other similar means?
Yes. The most widely-used Java-related vulnerability is the ActiveXComponent
bug in IE, which has been used to install TinyBar and various other
home/search repeat-hijackers.
Another more recently exploited hole is the bytecode verifier bug in the
MS JVM; so far I've only seen this used to run plain hijackers (eg.
approvedlinks.com).
--
Andrew Clover
mailto:and@doxdesk.com
http://www.doxdesk.com/
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote