BlackHole Updated for Facilitating Exploitation of Critical Java Flaw
A malware kit widely used by cyber-criminals has been revised and now includes malicious software designed to exploit a critical security flaw in Java, one that, according to experts, a large number of Internet users still need to patch, crn.com published on March 29, 2012.
The Java vulnerability in question is reportedly CVE-2012-0507, which attackers can exploit using the updated malware kit, BlackHole. Microsoft said that it had come across malicious programs abusing this vulnerability. Successful exploitation lets an attacker get around Java's sandbox and plant malware such as a Trojan on the affected PC.
Marcus Carey, security researcher at Rapid7, said that whenever a hacker included attack code, such as code abusing CVE-2012-0507, in bulk attack kits, a risk that was hitherto hypothetical turned real, crn.com reported.
Meanwhile, posts on many criminal carding forums indicate that the attack code is now delivered by default to online crooks using BlackHole. Like all exploit packs, BlackHole is a malware kit that is inserted into malicious or compromised websites, letting the miscreant use any number of browser exploits against visitors. If visitors access such websites with obsolete browser plug-ins, malicious code may be loaded surreptitiously, and Java is nearly always the most effective route to compromise for any attack toolkit.
The Java vulnerability has reportedly been rated 'critical' owing to end-users being lax about keeping the plug-in up to date. A security patch fixing the flaw was issued in February, but the pace at which 28m Internet users supposedly deployed it shows that 60%-80% of PCs with Java active are vulnerable to attack, Rapid7 estimates. The flaw affects every operating system, including Mac OS X, Ubuntu and Windows XP.
In fact, only 10% or so of end-users are running Java's latest edition. Also, about 20% have patched the application, while over 30% have done so successfully. During 2011, the peak patch-application rate was 38%, three months after the release of Java version 6 Update 26.
Naturally, all users who have not yet installed the patch are advised to do so as soon as possible.
» SPAMfighter News - 07-04-2012