Sunday, January 13, 2013

Remove Java on Debian Linux

A security-related problem occurred. It was time to remove Java.

Disable Java in Firefox

# change the current working directory
cd /usr/lib/mozilla/plugins

# delete this file
rm libnpjp2.so



Uninstall Java

# delete all the Java files
# change the current working directory
# e.g. If Java was installed in this place: /opt/jre1.6.0_32
# e.g. cd /opt
cd /pathToFolderContainingJavaFiles/

# delete that folder and its files
# e.g. rm -r ./jre1.6.0_32 
rm -r ./folderContainingJavaFiles



References

New malware exploiting Java 7 in Windows and Unix systems
"A new Trojan horse called Mal/JavaJar-B has been found that exploits a vulnerability in Oracle's Java 7 and affects even the latest version of the runtime (7u10) ..."
http://news.cnet.com/8301-1009_3-57563567-83/new-malware-exploiting-java-7-in-windows-and-unix-systems/

CVE-2013-0422
"The MBeanInstantiator in Oracle Java Runtime Environment (JRE) 1.7 in Java 7 Update 10 and earlier allows remote attackers to execute arbitrary code ..."
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0422

Happy New Year from New Java Zero-Day 
"We observed that a Java security bypass zero-day vulnerability (CVE-2013-0422) has been actively exploited in the wild starting Jan. 2 ..."
http://blog.fireeye.com/research/2013/01/happy-new-year-from-new-java-zero-day.html




No comments: