We and pretty much the rest of IT world, have written about the Java zero-day exploit, about the fast patch that Oracle release to remove some of the market pressure and also about the fact that such a quick move can only mean that even more bugs were probably introduced, which might lead to other exploits.
Such a mass media frenzy couldn’t have get unnoticed and unused by the cybercriminals.
Now, we and other security companies are seeing malware that pretend to be a patch for the well-known Java zero-day exploit. The malware is pretending to be the Java 7 Update 11 which fixes the mentioned zero-day exploit. All Avira product detect it with the name Java/Agent.AR.
This is how it must look like if Java is not installed on your computer or it is deactivated:
If you see a website that is displaying some kind of error that it can’t run something because Java is not installed, then don’t let yourself fooled and never install a software, let it be patch or not, from any other source than the producer’s website. In this particular case, visit this URL and download the installation kit from Oracle: http://java.com/en/download/index.jsp .