Video Screencast Help

Oracle releases Java 7 update 11 for zero-day flaw

Created: 16 Jan 2013 | 4 comments

Does Symatec has detection and cure for this vulnerability. If yes, can anyone share the details.

Comments 4 CommentsJump to latest comment

ᗺrian's picture

Yes, check this thread:

Here is the Symantec Security Response blog posts in regards to it:

So as long as your defs are up to date, you are protected.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Mithun Sanghavi's picture


Java Zero-Day Exploit (CVE-2013-0422) is being detected by Symantec Intrusion Prevention.

Symantec has the following IPS signatures in place that specifically protect against the Cool Exploit Kit:

Web Attack: Cool Exploit Kit Website -

Web Attack: Cool Exploit Kit PDF Download -

You may also like to check this Latest Symantec Article on the same issue -

Java Zero-Day Exploit (CVE-2013-0422)

and these Latest Symantec BLOG's

Java Zero-Day Dished Up from Cool Exploit Kit

Additional Protection for Recent Java Zero-Day

On January 13, 2012, Oracle has released the patch found on -


Symantec strongly urges all users of Java to download and install this patch as soon as possible.

Oracle has also provided a blog for further details on the vulnerability.

I am sure the above information would assist you to Answer your question.

Mithun Sanghavi
Associate Security Architect


Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Mick2009's picture

This new Secureity Response blog post will be of interest to followers of this thread:

2013 First Quarter Zero-Day Vulnerabilities


Symantec recommends users to follow these best security practices:

  • Ensure all applications are up to date with the latest security patches. Even though a zero-day exploit cannot be patched, the latest updates will provide protection from previously disclosed vulnerabilities.
  • Ensure antivirus and IPS definitions are up-to-date.
  • Avoid visiting sites of questionable integrity.
  • Avoid opening files provided by untrusted sources.
  • Implement multiple redundant layers of security such as non-executable and randomly mapped memory segments that may hinder an attacker's ability to exploit vulnerabilities.

With thanks and best regards,