New Java Attack Rolled Into Exploit Kits

[Jack]

A new exploit that takes advantage of a recently-patched critical security flaw in Java is making the rounds in the criminal underground. The exploit, which appears to work against all but the latest versions of Java, is being slowly folded into automated attack tools.

The exploit attacks a vulnerability that exists in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier. If you are using Java 6 Update 29, or Java 7 Update 1, then you have the latest version that is patched against this and 19 other security threats. If you are using a vulnerable version of Java, it’s time to update. Not sure whether you have Java or what version you may be running? Check out this link, and then click the “Do I have Java?” link below the big red “Free Java Download” button.

A few weeks back, researcher Michael ‘mihi’ Schierl outlined how one might exploit this particular Java flaw. Over the weekend, I stumbled on a discussion in an exclusive cybercrime forum about an exploit that appears to have been weaponized along the same lines as described by Schierl. Below is a recording of a video posted by one of the members that shows the attack in action.



Read more>>>

 

[DiabloBlack]

Glad I have Secunia PSI keeping a secure eye on my installed software, I am patched and up to date. Thanks for the post Jack

 

[Hungry Man]

I always stay up to date + EMET so I'm not worried =p

Thanks Jack.

 

[jamescv7]

The sole solution is to maintain up to date to Java since its easily exploited.

Also more chance not to be exploit if not using Java beside on needed task.

 

[win7holic]

At the moment I'm Using Java 6 Update 29.

thanks for Info jack

 

[Deleted member 178]

Java is not installed on my system, and never it will be unless for some major needs.

 

[MrXidus]

Java is not installed on my system.

Same here, If I really need to use Java I'll start up my VM which does have Java installed.

 

[Jack]

The main problem is that people don't update Java.......and yes , this is a very highly targeted program...... I know that in some countries this program is really need it when doing financial or administrative transactions....
Usually when I look at a OTL log I see that the user has a an old version of Java, I for one don't have it installed and I don't plan to install it because I really don't need it....
An up-to-date Java, EMET or a solid config should keep you safe....
BTW doesn't Firefox have a alert when a Java app is trying to run .... you know like Chrome has , because in this case it could prevent an infection

 

[Hungry Man]

Apparently this exploit doesn't work with Chrome and there's no sufficient explanation why lol probably Chrome doing something with the communication to Java.

 

[win7holic]

I just choose "Run now" to it.
if I need it, I enabled it. if not, it will not turn on automatically

 

[McLovin]

Java is not installed on my system.

Same here, If I really need to use Java I'll start up my VM which does have Java installed.

I am the same, I don't have it installed either. I don't really use it and need it. When I do I will install it then.