New Java 0-day exploited in the wild
Posted on 10 January 2013.
A new Java zero-day being exploited in the wild has been found. With the files we were able to obtain we reproduced the exploit in a fully patched, new installation of Java.

As you can see below we tricked the malicious Java applet to execute the calc.exe in our lab. Click the image for a larger version.


The Java file is highly obfuscated but based on the quick analysis we did, the exploit is probably bypassing certain security checks tricking the permissions of certain Java classes as we saw in CVE-2012-4681.

Right now the only way to protect your machine against this exploit is disabling the Java browser plugin. Let's see how long does it take for Oracle to release a patch.

On the other hand we expect a Metasploit module in the upcoming days as it has been happening during the last year as well as most of the exploit kits adopting this new zeroday sooner than later.

It seems both Blackhole and Nuclear Pack exploit kits are using this vulnerability in the wild.


Author: Jaime Blasco, Head of Labs at AlienVault.





Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //