
Archive for the ‘Java’ Category

Visual Studio Code Updates for Java Developers: Rename, Logpoints, TestNG and More

December 14th, 2018

As we seek to continually improve the Visual Studio Code experience for Java developers, we’d like to share a couple of new features we’ve just released. Thanks for your great feedback over the year; we’re heading into the holidays with great new features we hope you’ll love. Here’s to a great 2019!

Rename

With the new release of the Eclipse JDT Language Server, we’re removing the friction some developers experienced in ensuring renamed Java classes propagate to the underlying file in Visual Studio Code. With the update, when a symbol is renamed the corresponding source file on disk is automatically renamed, along with all the references.

Debugger

VS Code Logpoints are now supported in the Java Debugger. Logpoints allow you to inspect the state and send output to the debug console without changing the source code and explicitly adding logging statements. Unlike breakpoints, logpoints don’t stop the execution flow of your application.

To make debugging even easier, you can now skip editing the “launch.json” file by either clicking the CodeLens on top of the “main” function or using the F5 shortcut to debug the current file in Visual Studio Code.

TestNG support

TestNG support was added to the newest version of the Java Test Runner. With the new release, we’ve also updated the UIs of the test explorer and the test report. See how you can work with TestNG in Visual Studio Code.

We’ve also enhanced our JUnit 5 support with new annotations, such as @DisplayName and @ParameterizedTest.

Another notable improvement in the Test Runner is that we’re no longer loading all test cases during startup. Instead, the loading now only happens when necessary, e.g. when you expand a project to see the test classes in the Test viewlet. This should reduce the resources needed in your environment and enhance the overall performance of the tool.

Updated Java Language Pack

We’ve included the recently released Java Dependency Viewer to the Java Extension Pack as more and more developers are asking for the package view, dependency management and project creation capability provided by this extension. The viewer also provides a hierarchy view of the package structure.

Additional language support – Chinese

As the user base of Java developers using Visual Studio Code is expanding around the world, we decided to make our tool even easier to use for our users internationally by offering translated UI elements. Chinese localization is now available for Maven and Debugger, and it will soon be available for other extensions as well. We’d also like to welcome contributions from the community for localization.

IntelliCode and Live Share

During last week’s Microsoft Connect() event, we shared updates on the popular Visual Studio Live Share and Visual Studio IntelliCode features. The new IDE capabilities – all of which support Java – provide you with even better productivity with enhanced collaboration and coding experience that you can try now in Visual Studio Code.

Just download the extensions for Live Share and IntelliCode to experience those new features with your friends and co-workers. Happy coding and happy collaborating!

Attach missing sources

When you navigate to a class in some libraries without source code, you can now attach the missing source zip/jar using the context menu “Attach Source”.

We love your feedback

Your feedback and suggestions are especially important to us and will help shape our products in the future. Please help us by taking this survey to share your thoughts!

Try it out

Please don’t hesitate to try Visual Studio Code for your Java development and let us know your thoughts! Visual Studio Code is a lightweight and performant code editor and our goal is to make it great for the entire Java community.

Xiaokai He, Program Manager
@XiaokaiHe

Xiaokai is a program manager working on Java tools and services. He’s currently focusing on making Visual Studio Code great for Java developers, as well as supporting Java in various Azure services.

 

Visual Studio IntelliCode supports more languages and learns from your code

December 5th, 2018

At Build 2018, we announced Visual Studio IntelliCode, a set of AI-assisted capabilities that improve developer productivity. IntelliCode includes features like contextual IntelliSense code completion recommendations, code formatting, and style rule inference.

IntelliCode has just received some major updates that make its context-sensitive AI-assisted IntelliSense recommendations even better. You can download the updated IntelliCode Extension for Visual Studio and IntelliCode Extension for Visual Studio Code today! The Visual Studio extension already works with the newly released Visual Studio 2019 Preview 1.

AI-assisted IntelliSense recommendations based on your language of choice

Many of you have requested IntelliCode recommendations for your favorite languages. With this update, we’re excited to add four more languages to the list that can get AI-assisted IntelliSense recommendations. In our extension for Visual Studio, C++ and XAML now get IntelliCode alongside existing support for C#. In our extension for Visual Studio Code, TypeScript/JavaScript and Java are added alongside existing support for Python.

We’ll be sharing more details about IntelliCode’s support for each language on their respective blogs [C++ | TypeScript and JavaScript | Java]

AI-assisted IntelliSense for C# with recommendations based on your own code

Until now, IntelliCode’s recommendations have been based on learning patterns from thousands of open source GitHub repos. But what if you’re using code that isn’t in that set of repos? Perhaps you use a lot of internal utility and base class libraries, or domain-specific libraries that aren’t commonly used in open source code, and would like to see IntelliCode recommendations for them too? If you’re using C#, you can now have IntelliCode learn patterns and make recommendations based on your own code!

When you open Visual Studio after installing the updated IntelliCode Extension for Visual Studio, you’ll see a prompt that lets you know about training on your code, and will direct you to the brand new IntelliCode page to get started. You can also find the new page under View > Other Windows > IntelliCode.  Once training is done, we’ll let you know about the top classes we found usage for, so you can just open a C# file and start typing to try out the new recommendations. We keep the trained models secured, so only you and those who have been given your model’s sharing link can access them–so your model and what it’s learned about your code stay private to you. See our FAQ for more details.

Check out Allison’s video below to see how this new feature works.

Get Involved

As you can see, IntelliCode is growing new capabilities fast. Get the IntelliCode Extension for Visual Studio and the IntelliCode Extension for Visual Studio Code to try right away, and let us know what you think.  You can also find more details about the extensions in our FAQ.

IntelliCode and its underlying service are in preview at present. If you hit issues using the new features and you’re using Visual Studio, use the built-in Visual Studio “Report a Problem” option, and mention IntelliCode in your report. If you’re a Visual Studio Code user, just head over to our GitHub issues page and report your problem there.

If you want to learn more or keep up with the project as we expand the capabilities to more scenarios and other languages, please sign up for email updates. Thanks!

Mark Wilson-Thomas, Senior Program Manager

@MarkPavWT  #VSIntelliCode

Mark is a Program Manager on the Visual Studio IntelliCode team. He’s been building developer tools for over 10 years. Prior to IntelliCode, he worked on the Visual Studio Editor, and on tools for Office, SQL, WPF and Silverlight.

Keeping Adobe Flash Player

Years ago, Java exploits were a primary attack vector for many attackers looking to infect systems, but more recently, Adobe Flash Player took that mantle.

After accounting for almost half of object detections during some quarters in 2014, Java applets on malicious pages decreased to negligible levels by the end of 2015, owing to a number of changes that have been made to both Java and Internet Explorer over the past two years.

In January 2014, Java Runtime Environment was updated to require all applets running in browsers to be digitally signed by default. Later that year, Microsoft published updates for Internet Explorer versions 8 through 11 that began blocking out-of-date ActiveX controls. Windows 10’s default browser, Microsoft Edge, does not support Java or ActiveX at all, and other browsers like Google’s Chrome and Mozilla’s Firefox are doing the same.

With defenses against Java attacks gaining the upper hand, Flash Player objects have become the most commonly detected threat hosted on malicious web pages by an overwhelming margin. This type of exploit has led the way in each of the past four quarters, from a low of 93.3 percent in the first quarter of 2015, to an all-time high of 99.2 percent last fall.

Adobe Flash

While this information may be unsettling for security teams whose web sites and applications rely on Flash functionality, it’s clearly an important piece of intelligence. Knowing where attackers are targeting their cyber threats makes it easier to plan mitigations to defend against malicious web pages. It also illustrates the importance of keeping your full technology stack – including Adobe Flash Player – updated. And fortunately, as with Java, modern browser mitigations are beginning to turn the tide against Flash exploits as well.

Both Internet Explorer 11 and Microsoft Edge on Windows 10 help mitigate many web-based attacks. For example, Internet Explorer 11 benefits from IExtensionValidation, which can help defend against Adobe Flash malware.

Real-time security software can implement IExtensionValidation to block ActiveX controls from loading on malicious pages. When Internet Explorer loads a webpage that includes ActiveX controls, the browser calls the security software to scan the HTML and script content on the page before loading the controls themselves. If the security software determines that the page is malicious (for example, if it identifies the page as an exploit kit landing page), it can direct Internet Explorer to prevent individual controls or the entire page from loading.

For a thorough analysis on the state of malware in the latter half of 2015, take a look at our latest Security Intelligence Report. And for a high-level look at the top ten trends and stats that matter most to security professionals right now, be sure and download our 2016 Trends in Cybersecurity e-book.

Watch out for fake Java updates

January 28th, 2013

You may have seen reports about security alerts for Java recently. Java is a commonly used piece of software from Oracle, so there’s a good chance you have it installed on your computer. Cybercriminals often use fake virus alerts to lure you into buying fraudulent antivirus software. These alerts state that your computer or other device is at risk, but clicking a link in one of them could lead you to downloading malicious software.

In the case of the fake Java updates, cybercriminals are taking advantage of news about security vulnerabilities in Java and recommendations to update Java immediately. We agree that if you use Java on your device you should update it directly from the Oracle website:  

If you don’t, then it’s a good idea to uninstall older versions of Java and disable Java in your browser like you would for any unused software.

Java is just one piece of software that cybercriminals target. It’s important to keep all the software installed on your system up to date. For Microsoft software, you can use the Microsoft Update service.

If you think you have a virus, visit the Microsoft Security Support Center for assistance.  


Economies of scale: A perspective on cross-platform vulnerabilities

July 31st, 2012

A year ago, we published a blog post titled ‘Backdoor Olyx – is it malware on a mission for Mac?‘. It explored the intriguing questions that lay behind this backdoor’s discovery, delivery and targets. We provided our observations and analysis, and suggested that this threat was used in a targeted attack against unknown victims. However, we found no clue at that time as to ‘how’ the threat was installed to its targets – an important missing piece that we’ve continued to investigate over time.

As shown in the timeline below, a succeeding variation of threats can be identified with the same suggested attack tactic – exploiting known vulnerabilities in software to install a backdoor to its target.

Upon closer inspection of this event, we observed that this malicious code may be delivered via the Web by exploiting Java vulnerabilities (referred to in CVE-2011-3544 and CVE-2012-0507). The second form of delivery we observed was via email attachment, where the malware distributors may attempt to take advantage of known Word document vulnerabilities (referred to in CVE-2010-3333) and the vulnerabilities resolved with the release of Microsoft Security Bulletin MS09-027. It is also important to point out that these vulnerabilities affect multiple platforms, and in this case, affect both Windows and Mac.

This observation is limited and based on the samples we identified, acquired and processed. However, this understanding provides us with an opportunity to recognize a trend we can describe as economies of scale in cross-platform vulnerabilities. This method of distribution allows the attacker to maximize their capability on multiple platforms. Thus, regardless of a particular attacker’s motive, the value and demand for these vulnerabilities is likely to persist – we know for a fact that Java vulnerabilities CVE-2011-3544 and CVE-2012-0507 are widely used by cybercriminals in exploit kits, such as Blacole/Blackhole.

If we look at this trend, then we start to notice that the following vulnerabilities in Java, Adobe PDF and Flash, and Microsoft Office documents, listed in the table below, may be used to target and attack multiple platforms. Note that these vulnerabilities have been patched; appropriate security updates for them have been released.

This highlights the importance of keeping security software up-to-date, and ensuring operating system and 3rd party security patches are installed (soon after they become available) in order to reduce the risk of malware infection. And, this best practice should extend to all devices and platforms, especially those in large enterprise networks.

Methusela Cebrian Ferrer
MMPC Melbourne

New Interoperability Solutions for SQL Server 2012

March 22nd, 2012

I am excited to share some great news about how we are opening up the SQL Server data platform even further with expanded interoperability support through new tools that allow customers to modernize their infrastructure while maximizing existing investments and extending virtually any data anywhere.

The SQL Server team today introduced several tools that enable interoperability with SQL Server 2012.

These tools help developers to build secure, highly available and high performance applications for SQL Server in .NET, C/C++, Java and PHP, on-premises and in the cloud.

These new tools include a Microsoft SQL Server 2012 Native Client, a SQL Server ODBC Driver for Linux, backward compatibility with ADO.Net and the Microsoft JDBC Driver 4.0 and PHP Driver 3.0.

You can find more information on all this goodness on the SQL Server blog here.

Get gamed and rue the day…

October 26th, 2011

As we discussed last week, socially engineered threats are specially crafted threats designed to lure the eye and trick the mind – they look legitimate or benign, and in the worst case, may take advantage of a trusted relationship by utilizing a compromised account or familiar website. Social engineering techniques may be used in isolation, but are often used by attackers in tandem with other types of exploit in order to perform the attacker’s real purpose – delivering the payload. What follows is a typical example that illustrates how attackers attempt to exploit both people and systems in order to achieve their goals.

Last month, Worm:Win32/Gamarue, a bot-controlled worm, was discovered as the payload of a series of browser-hijacks and traffic redirects to malicious servers hosting and performing multiple browser-based exploit attacks.
The initial trigger event was identified as shared content, commented on a social networking site.

 

When users clicked on a link in a comment from a contact in order to see more information, they were first directed to another profile and then encouraged to click on another link. 

 

However, this second link directed affected users to malicious content that loaded a hidden iframe (detected as Exploit:JS/BlacoleRef.D SHA1 8da25114758b2e3f454af0346ce7e716ac91c829). This iframe referenced an exploit server hosting a version of the ‘BlackHole’ exploit kit (detected as Exploit:JS/Mult.DJ SHA1 4cba7b2385b7ee7a84992ddaf77aa6d85b72b5ce).  The exploit server attempted to exploit multiple known vulnerabilities in the affected user’s browser, until a successful compromise could be achieved. In our example, a malicious Java applet stored within a Java Archive (.JAR) (detected as Exploit:Java/CVE-2010-0840.FK SHA1 87800737BF703002263E3DBA680E4EE9FE9CA5B0) was observed being loaded on browsers with enabled vulnerable versions of the Java plugin. This Java vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system outside its “sandbox” environment.  The final result? The installation of Worm:Win32/Gamarue.A (SHA1 427fa7d7aa1e4ee8a57516979711e11e59e51559). When it first appeared this threat did not appear to be detected by any known scanners.

  

Figure 1 – Method of delivery for Worm:Win32/Gamarue.A
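The delivery chain above depends on a hidden iframe that silently pulls content from an exploit server. As an added example (not part of the original post), the following Python code flags iframes in a page that are both invisible to the user and loaded from another host; the sample page, the host names and the hiding heuristics are constructed assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Inline-style patterns that make a frame invisible (heuristics, assumed here).
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|"
    r"(?<![-\w])(?:width|height)\s*:\s*[01](?:px)?\s*(?:;|$)|"
    r"(?:left|top)\s*:\s*-\d{3,}",
    re.IGNORECASE,
)


class HiddenIframeFinder(HTMLParser):
    """Collects <iframe> tags that are invisible and load off-site content."""

    def __init__(self, page_host):
        super().__init__()
        self.page_host = page_host.lower()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        # The parser lowercases attribute names; valueless attributes are None.
        a = {name: (value or "") for name, value in attrs}
        reasons = []
        if HIDDEN_STYLE.search(a.get("style", "")):
            reasons.append("hidden-by-style")
        tiny = ("0", "1")
        if a.get("width", "").strip() in tiny or a.get("height", "").strip() in tiny:
            reasons.append("tiny-size")
        if "hidden" in a:
            reasons.append("hidden-attribute")
        # Relative URLs have no hostname and count as same-site. Exact host
        # comparison is a simplification: sibling subdomains count as off-site.
        host = (urlparse(a.get("src", "")).hostname or "").lower()
        if reasons and host and host != self.page_host:
            self.findings.append({
                "src": a["src"],
                "host": host,
                "reasons": reasons,
                "line": self.getpos()[0],
            })


def find_hidden_iframes(html, page_host):
    """Return one finding per invisible, off-site iframe in the HTML."""
    finder = HiddenIframeFinder(page_host)
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample page: one visible embed, one hidden off-site frame,
# one hidden same-site frame, one off-screen frame in upper-case markup.
SAMPLE_PAGE = """<html><body>
<p>Shared profile page</p>
<iframe src="https://video.example.org/embed/42" width="560" height="315"></iframe>
<iframe src="http://exploit-host.example.net/index.php" width="1" height="1" style="visibility:hidden"></iframe>
<iframe src="/ads/banner.html" style="display:none"></iframe>
<IFRAME SRC="//cdn.example.com/w" STYLE="position:absolute; left:-9999px"></IFRAME>
</body></html>"""

if __name__ == "__main__":
    for f in find_hidden_iframes(SAMPLE_PAGE, "social.example.com"):
        print(f"line {f['line']}: {f['src']} ({', '.join(f['reasons'])})")
```

Only static markup is inspected, so frames injected by script at run time need the rendered DOM rather than the raw HTML.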

A code fragment of this threat suggests that it may be a new bot called “Andromeda”.  Similar to known bots such as Zeus and Spyeye, Andromeda is also a modularized program which  can be functionally developed and supported using plug-ins.  It is also sold via an underground forum, where pricing varies depending on the version of the bot, the number of domains utilized, and the purchaser’s plugin development requirement.

The elaborate methods used to distribute this threat suggest that along with being mindful of illegitimate attempts to convince you to perform particular actions, and keeping your software updated, your choice of browser really matters.  Microsoft recently launched a new website YourBrowserMatters.org, which ranks your browser security from 0-4 and provides information on the risks involved in continuing to use older versions. 

As always, we encourage you to stay safe online.

Methusela Cebrian Ferrer

MMPC

Microsoft Safety Scanner detects exploits du jour

May 25th, 2011

We recently updated the Microsoft Safety Scanner – a just-in-time, free cleanup tool.  The new version adds support for 64-bit Windows systems and also allows for the download of the tool to run in non-networked systems such as those behind an air-gapped network, those within an ISP’s walled garden, and those where the infection has impaired internet connectivity.  You can download the Microsoft Safety Scanner (MSS) at www.microsoft.com/security/scanner

Early results have been very positive with this tool and we are actively reviewing telemetry from our customers who use it in order to better understand aspects of threat impact from specific malware families. In addition, we urge our customers to install security updates provided by Microsoft for our operating systems and applications, as well as from other third-party applications and any security updates that may be provided by Internet service providers. Early telemetry gathered from the release of the Microsoft Safety Scanner echoes this continuous messaging.

During the first seven days of the MSS release, there were close to 420,000 downloads, or 60,000 downloads per day, of the product. It cleaned 20,097 infected computers in total, for users that suspected their computers were infected and downloaded MSS to scan their machines. Kudos to these users for having security awareness.

Among the detections, 7 of the top 10 threats are files containing exploits for Java vulnerabilities such as CVE-2008-5353, CVE-2010-0094, CVE-2010-0840 and CVE-2009-3867. (For more information related to these exploits, see the blog post “Have you checked the Java?” by our colleague Holly Stewart.)

Below is a table detailing Microsoft Safety Scanner detections in the first seven days since its release:

 

| Threat | Threat Count | Machine Count | Note |
|---|---|---|---|
| CVE-2008-5353 | 7,739 | 2,272 | Java Exploit |
| CVE-2010-0840 | 5,387 | 2,785 | Java Exploit |
| CVE-2010-0094 | 4,744 | 1,579 | Java Exploit |
| OpenConnection | 3,929 | 2,396 | Java Exploit |
| OpenCandy | 3,408 | 3,238 | Adware |
| CVE-2009-3867 | 2,759 | 1,445 | Java Exploit |
| Wimad | 1,658 | 637 | Malicious Win Media File |
| Keygen | 1,287 | 1,234 | Key Generator Hacking Tool |
| Mesdeh | 1,156 | 714 | Java Exploit |
| OpenStream | 1,125 | 759 | Java Exploit |

 

Of course many of these detections by MSS are the debris or aftermath after the exploit has already executed. By the time a user downloads and runs MSS to detect malware, the machine may have already been infected, if it was vulnerable to the exploit at the time.  For example, aside from additional malicious Java code detections, the following active threats were also reported on machines found to be infected by Exploit:Java/CVE-2008-5353 on April 15 2011:

 

| Threat | Percentage of machines where MSS also detected Exploit:Java/CVE-2008-5353 | Note |
|---|---|---|
| Alureon | 7.3% | Rootkit Data Stealing Trojan |
| Zwangi | 6.0% | Browser Modifier |
| Winwebsec | 5.7% | Rogue |
| Hotbar | 5.4% | Adware |
| ClickPotato | 5.4% | Adware |
| FakeRean | 5.3% | Rogue |
| Renos | 4.6% | Rogue Downloader |
| FakeSpypro | 4.3% | Rogue |
| Obfuscator | 4.3% | Encrypted Threat |
| Hiloti | 3.6% | Downloader |

 

On average, MSS detected 3.5 threats on each of the infected computers.

 

| Threat Count | Infected Machine Count | Threats Per Infected Machine |
|---|---|---|
| 69,858 | 20,097 | 3.5 |

 

This won’t surprise you if you have read our newly published Security Intelligence Report (SIR).  For example, in the exploit section, the data shows the uptake of Java exploits in 2010:

Exploits detected by Microsoft desktop antimalware products in 2010, by targeted platform or technology

 

If you are one of these users, we encourage you to apply security updates from Microsoft (and from the ISVs where applicable). In addition, take care and protect your Internet activities.  Install antimalware security software such as Microsoft Security Essentials (or other AVs) to protect your computers proactively using real-time scanning technology.

We want to give a special thanks to Holly Stewart for her assistance in this post.

 

— Scott Wu & Joe Faulhaber, MMPC