Yet another Java zero-day exploit
Results 1 to 5 of 5

Thread: Yet another Java zero-day exploit

  1. #1
    Super Moderator
    Join Date
    Jul 2012
    Riviera Beach, Maryland, USA

    Exclamation Yet another Java zero-day exploit

    Another Java zero-day exploit in the wild actively attacking targets
    Latest attacks used to surreptitiously install McRat trojan on victim machines.
    by Dan Goodin - Mar 1 2013, 11:10am EST

    Hackers are exploiting a previously unknown and currently unpatched vulnerability in the latest version of Java to surreptitiously infect targets with malware, security researchers said Thursday night.

    The critical vulnerability is being exploited to install a remote-access trojan dubbed McRat, researchers from security firm FireEye warned. The attacks work against Java versions 1.6 Update 41 and 1.7 Update 15, which are the latest available releases of the widely used software. The attack is triggered when people with a vulnerable version of the Java browser plugin visit a website that has been booby-trapped with attack code. FireEye researchers Darien Kindlund and Yichong Lin said the exploit is being used against "multiple customers" and that they have "observed successful exploitation."

    The security of Java is reaching near-crisis levels as reports of new in-the-wild exploits have become an almost weekly occurrence over the past few months.

    ___________Microsoft Safety & Security Center___________
    \____________________ ____.-.____ ____________________/
    \_____________\ -._)!(_.- /_____________/
    \_______\. ~\ /~ ./_______/

    "Men never do evil so completely and cheerfully as when they do it from religious conviction" -Blaise Pascal

  2. #2
    Registered User Ferrit's Avatar
    Join Date
    Apr 2001
    Vancouver Island The Real Canada
    Concerning Java
    it seems
    Gigabyte 990FXA-UD3
    AMD FX 8350 4ghz OCTO-Core
    Windows 8.1 PRO 64
    Adata 256 gig SSD
    Kingston HyperX 1600 16 Gigs
    Sapphire R9 280 2gig
    Enermax Liberty Modular 620

  3. #3
    Registered User slgrieb's Avatar
    Join Date
    Feb 2003
    Ah, yes. Remember when Java was the secure alternative to ActiveX?
    Yes, Mr. Death... I'll play you a game! But not CHESS !!! BAH... FOOEY! My game is...

  4. #4
    Registered User nunob's Avatar
    Join Date
    Oct 2002
    Can't never did anything except whine about what he couldn't do.
    Do, or do not. There is no try. Free Chat

  5. #5
    Registered User cookin chef's Avatar
    Join Date
    Jul 1999
    Saskatoon, SK.
    After reading this article, , I'm experimenting with permanently uninstalling Oracle Java from all my personal systems and keeping Google Chrome installed with java plug in.

Similar Threads

  1. Replies: 0
    Last Post: October 31st, 2012, 03:38 PM
  2. DSO Exploit
    By acmelsmith in forum Spyware & Antivirus - Security
    Replies: 4
    Last Post: August 22nd, 2004, 10:21 PM
  3. Replies: 8
    Last Post: July 29th, 2002, 02:31 PM


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts