Java zero-day exploit hits the web2012-08-28 08:51 by Daniela
Tags: Java, security, exploit
A new browser-based exploit for a Java vulnerability that allows attackers to execute arbitrary code on client systems has been spotted in the wild – and because of Oracle's Java patch schedule, it may be some time before a fix becomes widely available.
Atif Mushtaq of security firm FireEye reported that the vulnerability is present in the Java Runtime Environment (JRE) version 1.7 or later, while PCs with Java versions 1.6 or earlier installed are not at risk.
Although the exploits now circulating in the wild have been aimed only at Windows users, it's possible that Macs could also be targeted.
Read more -here-