Solved

Java/virtual machine malware detection question

  • November 2, 2012
  • 3 replies
  • 53 views

Hi,
 
I have a question relating to platforms such as Java where its programs are run from within a virtual machine. How would WSA detect any malware in this sort of configuration? Presumably the java executable itself is a permitted application; I'm assuming this doesn't override the normal monitoring/firewall blocking etc that WSA would perform?
 
Ta.


3 replies

superssjdan
  • Community Leader
  • 348 replies
  • Answer
  • November 2, 2012
You would be correct. WSA has you protected on many levels, but the first one that comes to mind would be Zero Day shield that would protect you from any Java-related exploits. If malware attempts to execute, WSA will catch it. The journaling feature in WSA is a lifesaver. If you wind up with an infection, WSA journaling feature enables it to roll back your system to its pristine pre-infection state.

superssjdan
  • Community Leader
  • 348 replies
  • November 2, 2012
Also, your choice of browser will minimize your attack vectors. IE10 has some really great security features built in, and in NSS testing blocked over 99% of malicious malware downloads without any help from any a/v. Google is another good choice as well, although in the same test only scored around 70%. Both still light-years ahead of the competition. Keep in mind this is protection before your AV even gets involved.

Kit
  • Retired Webrooter
  • 371 replies
  • November 2, 2012
Ahyep. Java is a VM, but it's also sandboxed. Java itself has some decent security built in (or at least tries to). The primary thing that Java "Infections" try to do is download and run a native code infection. Most Java exploits are working to get native code to the processor, since the VM is actually relatively limited in access to the system. Obviously when something native is brought in, WSA doesn't treat it like Java. Also, yes, the firewall and other aspects of SecureAnywhere will still block Java VM items from doing malicious things in general.
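The pattern described in the reply above, a Java process bringing in and starting native code, can be watched for from process-creation telemetry. The following is an added example, not part of the original thread and not a description of how WSA works; the event tuples, paths, image names and directory markers are constructed assumptions.

```python
from ntpath import basename, normpath

# JVM launcher image names (assumption: typical Windows JRE binaries).
JVM_IMAGES = {"java.exe", "javaw.exe"}
# User-writable locations where a downloaded binary could be saved (assumption).
WRITABLE_MARKERS = ("\\appdata\\local\\temp\\", "\\appdata\\roaming\\", "\\users\\public\\")

# Constructed process-creation events: (pid, parent_pid, image_path).
SAMPLE_EVENTS = [
    (100, 1, r"C:\Program Files\Internet Explorer\iexplore.exe"),
    (200, 100, r"C:\Program Files\Java\jre7\bin\java.exe"),
    (300, 200, r"C:\Users\alice\AppData\Local\Temp\upd8841.exe"),
    (400, 1, r"C:\Program Files\Java\jre7\bin\javaw.exe"),
    (500, 400, r"C:\Program Files\ExampleApp\helper.exe"),
    (600, 1, r"C:\Users\alice\AppData\Local\Temp\setup.exe"),
]

def is_jvm(image):
    """True when the image file name is one of the JVM launchers."""
    return basename(image).lower() in JVM_IMAGES

def in_writable_dir(image):
    """True when the image path sits under a user-writable directory marker."""
    path = normpath(image).lower()
    return any(marker in path for marker in WRITABLE_MARKERS)

def flag_native_children_of_jvm(events):
    """Return (pid, parent_image, image) for native binaries that a JVM
    process started from a user-writable directory."""
    image_by_pid = {pid: image for pid, _, image in events}
    alerts = []
    for pid, ppid, image in events:
        parent = image_by_pid.get(ppid)
        if parent and is_jvm(parent) and not is_jvm(image) and in_writable_dir(image):
            alerts.append((pid, parent, image))
    return alerts

if __name__ == "__main__":
    for pid, parent, image in flag_native_children_of_jvm(SAMPLE_EVENTS):
        print(f"ALERT pid={pid}: {basename(parent)} started {image}")
```

Only the Temp binary started by `java.exe` is flagged; the helper under Program Files and the Temp binary with no JVM parent are not.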
 
