Disable Java! Recent 0-day exploit is included in exploit kits
Posted on 11 January 2013.
The Java zero-day that has recently been spotted being exploited in the wild has turned into big, big news as a number of popular exploit kits have been fitted with the exploit for it and there's still no news from Oracle on when we could expect a fix.

As shared by AlienVault's Head of Labs Jaime Blasco and confirmed by other security researchers, the exploit for the zero-day bypassing certain security checks tricking the permissions of certain Java classes as was the occurrence with the CVE-2012-4681 Java flaw discovered in August 2012.

"Similar to previous bugs, it enables you to run Java code outside the sandbox, so the thing about that is that it’s not dependent on OS or platform. It will run the same exact code on Mac OS X, Windows or Linux," Metasploit creator HD Moore explained for ThreatPost. "The exploits going around are targeting Windows, but more than likely, we’ll see attacks for Mac like we did with the Flashback stuff last year."

It is known that the exploit is very effective and affects the latest Java version (1.7 Update 10), but there's no news about whether it works on version 1.6 - still rather popular with users. Trend Micro researchers say the exploit is being used to spread ransomware.

Everyone - including US-CERT - is advising users to disable Java until Oracle releases a patch.

"We’ve been telling folks to disable Java 10 times a year for the past couple of years now," commented Moore. "It’s really to the point where you should be telling people to keep it disabled all the time."

A Metasploit module for the exploit in question is in the works.

Update: Monday, 14 January 2013 - Oracle patches critical 0-day with new Java update.






Spotlight

Internet Explorer vulnerabilities increase 100%

Posted on 23 July 2014.  |  Bromium Labs research determined that Internet Explorer vulnerabilities have increased more than 100 percent since 2013, surpassing Java and Flash vulnerabilities.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //