Solved

Is there a WIndows patch for the JBOSS exploits

Posted on 2016-07-26
4
44 Views
Last Modified: 2016-08-22
Has anyone found if there is a patch for a JBOSS exploit for Windows.  I know they are available for RedHat but I couldn't find anything other that a reference to JBOSS in that patches that MS put out on April 2016.
0
Comment
Question by:Member_2_7969384
  • 2
4 Comments
 
LVL 20

Assisted Solution

by:Russ Suter
Russ Suter earned 250 total points (awarded by participants)
Comment Utility
JBOSS is a RedHat product. RedHat would be responsible for releasing patches. Microsoft would have nothing to do with it.
0
 

Author Comment

by:Member_2_7969384
Comment Utility
Thanks, that is what I thought but since there were references out there to windows I thought it best to ask the question.  Thank you for the quick feed back.
0
 
LVL 61

Accepted Solution

by:
btan earned 250 total points (awarded by participants)
Comment Utility
It is not to patch Windows as Russ Suter has shared. The concern is more of surfacing webshell backdoor in vulnerable machines. Generally, servers systems running web services and mostly those exposed to public internet accesss should be scanned if there is such indicator of compromise existence

jbossass.jsp      jbossass_jsp.class
shellinvoker.jsp      shellinvoker_jsp.class
mela.jsp      mela_jsp.class
zecmd.jsp      zecmd_jsp.class
cmd.jsp      cmd_jsp.class
wstats.jsp      wstats_jsp.class
idssvc.jsp      idssvc_jsp.class
iesvc.jsp      iesvc_jsp.class
http://blog.talosintel.com/2016/04/jboss-backdoor.html
See also US-CERT part advisory on webshell - https://www.us-cert.gov/ncas/alerts/TA15-314A

Just make sure your server system is readily patched to the latest security patch for business running

To share there is also another recent Jboss security advisory to address the Red Hat JBoss JGroups security bypass vulnerability.- https://tools.cisco.com/security/center/viewAlert.x?alertId=46834
0
 
LVL 61

Expert Comment

by:btan
Comment Utility
It is explained on the exploit is not readily applicable but however, the threats lies in other type
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now