TrojanDownloader:Java/OpenConnection is the detection for a Java based malware family that exploits a vulnerability discussed in CVE-2010-0094. The vulnerability affects Java Runtime Environment (JRE) up to and including version 6 release 18, and makes it possible for untrusted code to gain browser security privileges under the user's account.
A user may encounter threat from this family when visiting a compromised website. If the user is using a vulnerable version of Java, successful exploitation resulting in infection can occur. Threats such as this can often be avoided by ensuring the most up to date software is installed on the computer. To prevent reinfection and avoid similar exploits, make sure up to date security patches are applied to the Java Runtime Environment.
Update vulnerable Java applications
This threat exploits a known vulnerability in Java Runtime Environment. After removing this threat, make sure that you install the updates available from the vendor. You can read more about this vulnerability in Java, as well as where to download the software update from the following links:
It may be necessary to remove older versions of Java that are still present. Keeping old and unsupported versions of Java on your system presents a serious security risk. To read more about why you should remove older versions of Java, see the following information.