Security Experts Spot Unpatched Java Vulnerability Allowing Arbitrary Code Execution
Theregister.co.uk published a report on 27 August, 2012 quoting security experts who said they had identified a new browser-based exploit for a Java vulnerability that allows attackers to execute arbitrary code on clients' systems.
Pcworld.com published a report on 27 August, 2012 quoting FireEye's Senior Staff Scientist Atif Mushtaq, who described the vulnerability as one that has been exploited in limited targeted attacks, and noted that most Java runtime environments, i.e. JRE 1.7x, are vulnerable.
The exploit is hosted on a website resolving to an IP address in China, and its payload is a malware sample that connects to a command and control server in Singapore.
The malware used in the attacks appears to be a variant of Poison Ivy, according to Jaime Blasco, a researcher with security firm AlienVault, as quoted by pcworld.com on 27 August, 2012.
Poison Ivy is a remote administration Trojan (RAT) that has been used in many cyber espionage campaigns in the past.
The Java exploit has already been added to the widely used Metasploit framework, but the most disturbing point for users is that Oracle typically patches Java only three times a year, and its next scheduled update is about two months away.
Forbes.com published a report in August 2012 quoting FireEye's researchers as saying that it is only a matter of time before a proof-of-concept is released and other bad actors get hold of this exploit. It remains to be seen when Oracle plans to patch; until then, most Java users are at the mercy of this exploit.
In the meantime, users can turn Java off in their browsers. This means forfeiting functionality on a number of websites, but it prevents possible "drive-by download" attacks, which infect PCs without the user noticing.
Attacks exploiting Java vulnerabilities are nothing new. Cybercriminals have integrated attacks against older versions of Java into the commonly used Blackhole exploit kit since March 2012. Moreover, during April 2012, the Flashback malware infected more than 60,000 Macs using a Java vulnerability. In response to Flashback, Apple disabled Java by default and set it to automatically disable itself again if a user turns it on and then does not use it for a certain period.
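The article says JRE 1.7x is the affected runtime family and that disabling Java in the browser is the interim mitigation. The first step for an administrator is knowing which machines actually run a 1.7 JRE. The following is an added example, not code from the article or from any of the vendors it quotes: it parses the first line of `java -version` output collected from several hosts and sorts hosts into those running JRE 1.7 (flagged as exposed to the vulnerability described above), those running some other version, and those with no Java at all. The host names and version strings are constructed sample data.

```python
import re
from typing import Dict, Optional, Tuple

# Constructed sample `java -version` output from four hypothetical hosts.
# These are not hosts or versions mentioned in the article.
SAMPLE_HOSTS: Dict[str, str] = {
    "ws-01": 'java version "1.7.0_06"\n'
             'Java(TM) SE Runtime Environment (build 1.7.0_06-b24)\n'
             'Java HotSpot(TM) 64-Bit Server VM (build 23.2-b09, mixed mode)',
    "ws-02": 'java version "1.6.0_33"\n'
             'Java(TM) SE Runtime Environment (build 1.6.0_33-b03)',
    "ws-03": 'java version "1.7.0_05"\n'
             'OpenJDK Runtime Environment (IcedTea7 2.2.1)',
    "ws-04": "bash: java: command not found",
}

# Legacy Java version strings look like 1.<major>.0_<update>; the update
# part is optional in some builds, so it is matched as an optional group.
VERSION_RE = re.compile(r'java version "(\d+)\.(\d+)\.(\d+)(?:_(\d+))?"')

Version = Tuple[int, int, int, int]


def parse_java_version(output: str) -> Optional[Version]:
    """Return (major, minor, patch, update) from `java -version` output,
    or None if the output does not contain a Java version line."""
    m = VERSION_RE.search(output)
    if not m:
        return None
    major, minor, patch, update = m.groups()
    return (int(major), int(minor), int(patch), int(update or 0))


def is_jre17(version: Optional[Version]) -> bool:
    """True for any 1.7.x runtime, the family the article reports as affected."""
    return version is not None and version[:2] == (1, 7)


def triage(hosts: Dict[str, str]) -> Dict[str, str]:
    """Classify each host's `java -version` output.

    'affected-1.7'  : JRE 1.7x present; disable Java in browsers per the article.
    'other-version' : Java present but not 1.7x; still check for other known flaws.
    'no-java'       : no Java runtime found on the host.
    """
    report: Dict[str, str] = {}
    for host, output in hosts.items():
        version = parse_java_version(output)
        if version is None:
            report[host] = "no-java"
        elif is_jre17(version):
            report[host] = "affected-1.7"
        else:
            report[host] = "other-version"
    return report


def affected_hosts(hosts: Dict[str, str]) -> list:
    """Sorted list of host names that should have browser Java disabled."""
    return sorted(h for h, status in triage(hosts).items() if status == "affected-1.7")


if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_HOSTS).items()):
        print(f"{host}: {status}")
    print("disable browser Java on:", ", ".join(affected_hosts(SAMPLE_HOSTS)))
```

The classification is deliberately coarse: the article only says that JRE 1.7x is affected, so the script flags the whole 1.7 family rather than guessing at a fixed update level, and it does not treat older runtimes as safe, since the same article notes that exploits for older Java versions were already circulating in Blackhole.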
SPAMfighter News - 05-09-2012