Results 1 to 2 of 2

Thread: Zero-day vulnerability discovered in the latest updated version of Java

  1. #1
    Join Date
    Mar 2005
    Location
    Portland, OR
    Posts
    523

    Zero-day vulnerability discovered in the latest updated version of Java

    Security experts have pinpointed a new vulnerability found in Java 7 Update 6. The latter is currently being used to spread a Trojan horse.

    It is the firm FireEye who discovered this vulnerability and considered it "extremely critical" by security experts. It covers the latest updated version of Java: it allows you to install remote code. The vulnerability is currently being exploited by hackers to deploy a variant of the Poison Ivy Trojan on infected machines from a server based in Singapore.


    For the moment, the flaw exploited by hackers is "qualified", but the Internet publication of a "proof-of-concept" (PoC) offers the possibility of less experienced hackers. A situation that worries the experts, indicating that the flaw can be exploited via Internet Explorer, Firefox, Opera, Safari and Chrome all versions, on Ubuntu 10.04, Windows XP, Vista and 7 as well as OS X 10.7.4.

    Oracle has not yet responded to this threat, and still provides the next patch for 16 October. Meanwhile, security experts recommend strengthening the protection of machinery at risk, and even uninstalling Java 7 as a fix.
    Dell C610 PIII 1Ghz
    Docking station
    DLink Radio
    Codi DC/DC adaptor

  2. #2
    Join Date
    Jun 2011
    Posts
    501

    Re: Zero-day vulnerability discovered in the latest updated version of Java

    Atif Mushtaq of FireEye commented in a blog entry that, "The recent Java Runtime Environment-JRE 1.7x is vulnerable. In my lab environment, I was able to successfully run the exploit on a test computer where you installed Firefox with JRE 1.7 Update 6." Originally the exploit was discovered on a hosted domain called ok.XXX4.net that pointed to an IP address in China.

Similar Threads

  1. Replies: 4
    Last Post: 30-01-2012, 08:14 PM
  2. Replies: 5
    Last Post: 15-01-2012, 08:43 PM
  3. Download latest version of eBuddy for your Java Mobile!
    By Aramax in forum Portable Devices
    Replies: 7
    Last Post: 27-08-2011, 06:21 PM
  4. Get latest updated file from your Current Working Directory
    By REDBULL in forum Software Development
    Replies: 4
    Last Post: 10-07-2010, 02:38 PM
  5. GTA IV latest updated addon
    By Mario2 in forum Video Games
    Replies: 3
    Last Post: 31-03-2009, 10:40 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,711,655,881.39230 seconds with 17 queries