Windows 7 Recovering From Exploit:Java/CVE-2013-1493

#1
We've recently been having problems with redirects when clicking the links of search results in our browsers (IE and Firefox). We tried a few different virus scans and nothing was able to find it. However, we did realize that Microsoft Security Essentials would not run when we clicked the executable.

So, with advice from these forums, we changed the name and it ran without issue. It immediately found "Exploit:Java/CVE-2013-1493". Now that we had a name, we were able to do some more research on it and realized it might be a good idea to disable Java in both browsers and only enable it when needed.

But, my question to you is, what is "Exploit:Java/CVE-2013-1493" exactly? Is it a file? Or, just an exploit? What did Microsoft Security Essentials remove, exactly? Are there going to be other remnants of this scattered around the computer?

I'd really like to know more about how this works. It seems like any news articles out there just focus on the fact that it's a Java exploit, but I don't understand how it could cause redirects in my browser.
 


patcooke

Microsoft MVP
Staff member
Premium Supporter
#2
Not much known yet about this recent threat:

Encyclopedia entry: Exploit:Java/CVE-2013-1493.C - Learn more about malware - Microsoft Malware Protection Center

In general, a Java exploit is a bit of Java code (typically an applet) which exploits a vulnerability in the Java Runtime Environment (JRE). Because it is hidden inside code which has "elevated privileges" it can gain access to areas which it shouldn't have - like redirecting browsers.
 


#3
That is the problem I'm having. It seems only a limited number of scanners are picking up the Java exploit (so far, Microsoft Security Essentials and ESET Online Scanner have alerted me to it). But, I believe the real issue (if I'm understanding this right) is what we've been infected WITH. I believe we're trying to find a virus that we've been infected with via the Java exploit. So, as virus scanners are alerting us to the exploit, they're ignoring the issues the virus is giving us, such as browser redirects and not allowing us to run Microsoft Security Essentials without changing the name of the executable.

I really don't know what to do in this situation.
 

