The Broadband Guide
search advanced
 forgot password?

Java zero-day exploit hits the web

2012-08-28 08:51 by
Tags: , ,


A new browser-based exploit for a Java vulnerability that allows attackers to execute arbitrary code on client systems has been spotted in the wild and because of Oracle's Java patch schedule, it may be some time before a fix becomes widely available.

Atif Mushtaq of security firm FireEye reported that the vulnerability is present in the Java Runtime Environment (JRE) version 1.7 or later, while PCs with Java versions 1.6 or earlier installed are not at risk.

"Unlike other exploits, which, when they run, crash your browser and give you a feeling that something is wrong, this attack really works silently," Mushtaq said on August 27. "Every big platform is really being targeted right now."

Although the exploits now circulating in the wild have been aimed only at Windows users, it's possible that Macs could also be targeted.

"What is more worrisome is the potential for this to be used by other malware developers in the near future," said Intego, a Mac-specific antivirus vendor, in a post to its own blog Monday. "Java applets have been part of the installation process for almost every malware attack on OS X this year."

Read more -here-


  Post your review/comments
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About