Tonight Avast blocked loading of the Runescape.com Java client in my Firefox browser. Clicking “Ignore” did not work and finally I had to add it to the URL exclusion list. This site should not be blocked so please remove it from your block lists.

Did not appreciate getting the following page:

Infection Blocked
URL: h_world8_runescape_com__gamepacktx84ah2K81zKPUhKHite…
Infection: Java:CVE-2012-1723-CCW [Expl]

Relax, your avast! just saved you from a virus.
Protect yourself against other types of threats by upgrading now.

Other people on the Runescape forums are complaining about getting blocked as well.

why when avast detect/block something, first assumption is always that it is wrong?

when it comes to java (the most exploited program in the world) i would take that exploit detection as good …until proven False

http://blogs.technet.com/b/mmpc/archive/2012/08/01/the-rise-of-a-new-java-vulnerability-cve-2012-1723.aspx

Full URL?

When doing a full scan I got a message saying that a virus was found (5 of them, to be exact), the same all the Runescape players are getting. I haven’t played it since the first of March, nor have I gone to their site. Seems to me that it was something new in an Avast update that triggered it (the file even said last changed was the 2nd of March) - my full scan yesterday came up clean, only today I’m getting the virus message.

did you get the same detection name as above…or something else?

you may upload and test suspicious files at www.virustotal.com

This is what the scan gave me;

http://i.imgur.com/lR0PtdQ.png

The last one oddly enough was found months ago, but also happened to be around the same time, so I’m not 100% sure what’s up with that.

This was posted roughly around the same time too, ANZ is my bank, so I did use their site around that time - so it may just be that.

those detection seems to be from java cache …also it seems to be from java 6.

have you not updated to latest? 7.55. http://www.java.com/en/download/

I just checked Java (via the website) and I’ve apparently got Version 7 Update 51 (it does say there’s an update though)

I did also use Virustotal.com for one of the files and it came up clear. It’s here

update to latest java, 7.55
then check in ad/remove programs…if you see any older versions listed, remove them

I did and got this;
http://i.imgur.com/u07D1kD.png

I’ll uninstall the version I have (via the control panel’s uninstaller it’s saying 7.55) and reinstall again.

Edit; done, removed the version I had (apparently after updating even with the error it was 7.55 and reinstalled without a hitch). I’m still worried about the java cache though, I’ve done the Java tests on their websites for older versions and it said there were none, so I’m not sure how to go about updating that.

I also understand this is the Avast forums, not the Java forums, so I don’t entirely expect expert advice if any is given at all, although all is greatly appreciated.

well, then you have the latest. …
the exploits in the cashe is most likely from infected websites you have visited. that is why it is important to make sure all programs and windows os is fully updated so all known security holes are patched then those exploits wont work even if your AV does not detect it