Critical Java 0-day flaw exploited in the wild
Posted on 27 August 2012.
Researchers from security firm FireEye have discovered targeted attacks exploiting a zero-day Java vulnerability to deliver the Poison Ivy RAT onto the unsuspecting victims' machines.


The vulnerability allows computers to be infected by simply visiting a specially crafted web page, and the malware served in the current attacks contacts a C&C server in Singapore.

The attacks are limited, but it's only a matter of time until other cyber criminals create their own pages exploiting the flaw.

In the meantime, a module that takes advantage of it has already been added to the Metasploit Framework, and it works against a fully patched Windows 7 SP1 with Java 7 Update 6, Mozilla Firefox on Ubuntu Linux 10.04, Internet Explorer / Mozilla Firefox / Chrome on Windows XP, Internet Explorer / Mozilla Firefox on Windows Vista and Windows 7, and Safari on OS X 10.7.4.

Researchers from heise Security have also created a PoC page using information that is publicly available.

Oracle is yet to comment on the news, and to say whether it will break its scheduled quarterly patch cycle to issue a patch for the flaw.

In the meantime, users are advised either to disable or remove Java for the time being - or for good.

If you're a Windows user and you have decided to disable Java, go to your Control Panel, select "Java", and once the "Java Runtime Environment Settings" dialog box appears, select "Java" once again and uncheck the "Enabled" check box. Needless to say, if in the future you need to use Java again, go through the same steps and check the aforementioned check box.

To completely remove Java from your system, go to the Control Panel > Programs > Programs and Features, find Java, select it and press the "Uninstall" button.

Another option is to remove the Java plugin from the browser.






Spotlight

What can we learn from the top 10 biggest data breaches?

Posted on 21 August 2014.  |  Here's a list of the top 10 biggest data breaches of the last five years. It identifies the cause of each breach as well as the resulting financial and reputation damage suffered by each company.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //