A beveiligingsonderzoeker has a new and serious security vulnerability discovered in Java, that at this point, you may have already being abused by attackers, and works on a fully patched Windows machine. Users can the best the Java plug-in disable.
The vulnerability was previously on Thursday, reported by hacker Juk on the blog Malware Don’t Need Coffee, but initially it was not clear that its claims to truth were based. Security firm Alien Vault has the security vulnerability with the information that Juk has made available now to reproduce. They knew their own code to run using the vulnerability on a fully patched Windows installation with Java.
There are two reasons why the vulnerability is severe. First of all, it is a problem for which no patch exists and that, until recently, was not known, a so-called zero day vulnerability. In addition, the vulnerability already in the wild being abused, think Alien Vault: the exploit kits Blackhole and Nuclear Pack would the vulnerability is already included. Exploit kits exploit vulnerabilities in software to install viruses on users’pcs.
Because there is currently no patch available, the only solution is to disable the Java plug-in in the browser, write in the Alien Vault. What the vulnerability entails, however, is not yet entirely clear, although it seems that the permissiesysteem of Java to the garden.
When the security issue is resolved, is unclear. The next quarterly ‘patchronde’ of Java takes place in February, but whether this vulnerability can be included, is unclear. In October managed Java-owner Oracle not to create a serious vulnerability on the time to patch it for the patchronde.
In the past half year there were several zero day problems in Java to the outside. One of the patches that also actively exploited Java vulnerability patchte, introduced a new leak. According to security company Kaspersky, Java is the most popular target of malwareauteurs; in the third quarter of 2012 would have 56 percent of the malware in Java.
The researchers from Alien Vault, start using the exploit from the browser to the application calc.exe. Real malware performs schadelijkere tricks.