Slyck Chatbox - And More

Java Users Beware: Exploit Circulating For Just-Patched Critical Flaw

What's happening in the technology world related to software. Please submit stories for this forum here.
Forum rules

Java Users Beware: Exploit Circulating For Just-Patched Critical Flaw

Postby sunnyd » Tue Apr 23, 2013 2:14 pm

Story :

If you haven't installed last week's patch from Oracle that plugs dozens of critical holes in its Java software framework, now would be a good time. As in immediately. As in, really, right now.

In the past few days, attack code targeting one of the many remote-code-execution vulnerabilities fixed in Java 7 Update 21 was folded into either the folded into the RedKit or CrimeBoss exploit kit. By Sunday, that attack code was being actively unleashed on unsuspecting end users, according to a short blog post published by a researcher from antivirus provider F-Secure.

The post doesn't say where the attacks were being hosted or precisely how attackers are using them. Still, Oracle describes the vulnerability as allowing remote code execution without authentication. And that means you should install the patch before you do anything else today. The track record of malware purveyors of abusing advertising networks, compromised Apache servers, and other legitimate enterprises means readers could encounter attacks even when they're browsing a site they know and trust.

Follow Slyck on Twitter @SlyckDotCom
Join Slyck's Facebook Fan Page
User avatar
Posts: 30027
Joined: Mon Jan 21, 2008 2:34 pm

Return to Tech/Software News

Who is online

Users browsing this forum: No registered users and 3 guests

© 2001-2008