DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
October 19, 2017 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 73 people online.

 

Latest Reviews
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
ZOWIE G-TF Rough mousepad
 

Follow us
RSS
 

Newly discovered Java security flaw being exploited

Posted on Tuesday, August 28 2012 @ 19:44:47 CEST by


Java logo
Security researchers warn for an unpatched Java exploit that seems to be spreading like wildfire. The bug was discovered just days ago and affects all versions of Oracle's Java 7 (version 1.7) on all supported platforms, but Java 6 and earlier aren't affected.

A patch isn't available and the next scheduled update for Java is October 16th, 2012. Security firm Sophos notes that Oracle has a bad track record for releasing timely patches for Java exploits, but hopes that an out-of-cycle fix will arrive soon due to all the media attention this exploit is receiving.

Web users are advised to disable the Java plug-in, or if possible, to uninstall it. Alternatively, you can disable Java in your favorite browser and have an alternative browser available for the occasional site that requires Java.
Early reports suggested that Google Chrome was immune to the problem, but that appears to have been a bug in the attacker's code. The Metaploit project released proof of concept code that exploits the flaw on all browsers and operating systems (Windows, OS X, Linux).

Michael Schierl has performed a detailed analysis of the bugs and points out that it even disables the Java security manager.

Exploiting the vulnerability appears quite trivial and journalist Brian Krebs has already confirmed it will be added to the Blackhole Exploit kit.

This is very concerning as the Blackhole kit is the most commonly used exploit pack in use by criminals. Considering this is flaw is not patched and is not likely to be patched soon is a very dangerous situation.




 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2017 DM Media Group bvba