New Java Attack Rolled Into Exploit Kits

Jack

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Forum Veteran
Jan 24, 2011
9,380
1
24,873
8,379
malwaretips.com
krebsonsecurity.com said:
A new exploit that takes advantage of a recently-patched critical security flaw in Java is making the rounds in the criminal underground. The exploit, which appears to work against all but the latest versions of Java, is being slowly folded into automated attack tools.

The exploit attacks a vulnerability that exists in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier. If you are using Java 6 Update 29, or Java 7 Update 1, then you have the latest version that is patched against this and 19 other security threats. If you are using a vulnerable version of Java, it’s time to update. Not sure whether you have Java or what version you may be running? Check out this link, and then click the “Do I have Java?” link below the big red “Free Java Download” button.

A few weeks back, researcher Michael ‘mihi’ Schierl outlined how one might exploit this particular Java flaw. Over the weekend, I stumbled on a discussion in an exclusive cybercrime forum about an exploit that appears to have been weaponized along the same lines as described by Schierl. Below is a recording of a video posted by one of the members that shows the attack in action.



Read more>>>
Click to expand...
 
Last edited:
Glad I have Secunia PSI keeping a secure eye on my installed software, I am patched and up to date. Thanks for the post Jack :)
 
The sole solution is to maintain up to date to Java since its easily exploited.

Also more chance not to be exploit if not using Java beside on needed task.
 
Java is not installed on my system, and never it will be unless for some major needs.
 
The main problem is that people don't update Java.......and yes , this is a very highly targeted program...... I know that in some countries this program is really need it when doing financial or administrative transactions....
Usually when I look at a OTL log I see that the user has a an old version of Java, I for one don't have it installed and I don't plan to install it because I really don't need it....
An up-to-date Java, EMET or a solid config should keep you safe....
BTW doesn't Firefox have a alert when a Java app is trying to run .... you know like Chrome has , because in this case it could prevent an infection

chrome1_plugin.jpg
 
Apparently this exploit doesn't work with Chrome and there's no sufficient explanation why lol probably Chrome doing something with the communication to Java.
 
MrXidus said:
umbrapolaris said:
Java is not installed on my system.
Click to expand...

Same here, If I really need to use Java I'll start up my VM which does have Java installed.
Click to expand...

I am the same, I don't have it installed either. I don't really use it and need it. When I do I will install it then.
 
You must log in or register to reply here.

You may also like...