Java Flaws Exploited in Hacker Kit2011.11.30 09:39 by Daniela
Keywords: hackers, Microsoft, Java
Warnings have been made of a new exploit that takes advantage of a recently patched flaw in Java that is being incorporated into exploit kits. According to security blogger Brian Krebs, the exploit attacks a vulnerability that exists in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier. He also said that it is slowly being incorporated into the BlackHole exploit kit, one of the most widely deployed exploit packs on the market.
"Most [Windows] machines are just not up-to-date with Java," said Wolfgang Kandek, chief technology officer at Qualys, a California developer of security risk and compliance management software and services.
"Java updates lag behind seriously," said Kandek, like Rains reiterating a 2010 take. "Eighty-four percent of the machines we see don't have the June 2011 Java update installed, 81% don't have the February 2011 update and 60% don't have the March 2010 update."
Read more -here-