A new browser-based exploit for a Java vulnerability that allows attackers to execute arbitrary code on client systems has been spotted in the wild – and because of Oracle’s Java patch schedule, it may be some time before a fix becomes widely available. So just to be on the safe side, it’s recommended to disable Java for now, whether you’re on Windows or OS X.
The vulnerability allows attackers to use a custom web page to force systems to download and run an arbitrary payload – for example, a keylogger or some other type of malware. The payload does not need to be a Java app itself.
In the form in which it was discovered, the exploit only works on Windows machines, because the payload that it downloads is a Windows executable. But the hackers behind the Metasploit penetration testing software say they have studied the exploit and found that it could just as easily be used to attack machines running Linux or Mac OS X, given the appropriate payload.
All browsers running on these systems were found to be vulnerable if they had the Java plugin installed, including Chrome, Firefox, Internet Explorer, Opera, and Safari.
Although the actual source of the exploit is not known, it was originally discovered on a server with a domain name that resolved to an IP address located in China. The malware it installed on compromised systems attempted to connect to a command-and-control server believed to be located in Singapore.
Oracle has yet to comment on the vulnerability or when users should expect a fix, but it might be a while. The database giant ordinarily observes a strict thrice-annual patch schedule for Java, and the next batch of fixes isn’t due until October 16.
Downgrading to an earlier version of Java is not advised, because even though earlier versions aren’t vulnerable to this particular exploit, they may contain other bugs that expose still other vulnerabilities.
- electricstarlight likes this
- kivat likes this
- kornstar reblogged this from iheartchaos
- apricotlenses likes this
- awwscar likes this
- capitainemachinchose likes this
- impalatalia reblogged this from heroburger
- carnivalclown reblogged this from backflipsoutie
- pannzilla likes this
- colorvomitworld reblogged this from iheartchaos
- 67000mph reblogged this from iheartchaos
- feltelures reblogged this from feralphoenix
- feralphoenix reblogged this from thirdmagic
- swordsdivinelight reblogged this from rhythmheavenfever
- latiaslover97 likes this
- laciduspenna reblogged this from mangoesinabasket
- butterfliesandskittles reblogged this from rockerfox999
- persephinae likes this
- stack-of-plates reblogged this from pochimonster
- pochimonster reblogged this from ouendanl
- thesilenceareinthelibrary reblogged this from gogglesaurus
- assault-and-batterie reblogged this from birdootdoot and added:
- broshiya reblogged this from theelectricrose
- theelectricrose reblogged this from iheartchaos
- infinitysexual reblogged this from gogglesaurus and added:
- jelapino reblogged this from kittytakao
- procrastinality likes this
- coquifroggy likes this
- pariston likes this
- pariston reblogged this from pkmnbreedergold
- white-hurricane reblogged this from dancingpurge
- alexisdarkgiver reblogged this from birdootdoot
- paintscroll likes this
- midoaka reblogged this from heroburger
- nagitokomaeda-san reblogged this from ceeberoni
- peixies reblogged this from heroburger
- pennate reblogged this from backflipsoutie
- pkmnbreedergold reblogged this from heroburger
- pkmnbreedergold likes this
- peixies likes this
- himatalia reblogged this from heroburger
- rizubetto reblogged this from backflipsoutie
- heroburger reblogged this from yukitalia
- eccentricitymadness reblogged this from kittytakao
- amlettemiyataiyolk reblogged this from mangoesinabasket
- yukitalia reblogged this from emperor-kanji
- kittytakao reblogged this from atomicvalkyrie
- pippycod reblogged this from mandasaurkitten