Zero-day vulnerability discovered in the latest updated version of Java
Security experts have pinpointed a new vulnerability found in Java 7 Update 6. The latter is currently being used to spread a Trojan horse.
It is the firm FireEye who discovered this vulnerability and considered it "extremely critical" by security experts. It covers the latest updated version of Java: it allows you to install remote code. The vulnerability is currently being exploited by hackers to deploy a variant of the Poison Ivy Trojan on infected machines from a server based in Singapore.
For the moment, the flaw exploited by hackers is "qualified", but the Internet publication of a "proof-of-concept" (PoC) offers the possibility of less experienced hackers. A situation that worries the experts, indicating that the flaw can be exploited via Internet Explorer, Firefox, Opera, Safari and Chrome all versions, on Ubuntu 10.04, Windows XP, Vista and 7 as well as OS X 10.7.4.
Oracle has not yet responded to this threat, and still provides the next patch for 16 October. Meanwhile, security experts recommend strengthening the protection of machinery at risk, and even uninstalling Java 7 as a fix.
Dell C610 PIII 1Ghz
Docking station
DLink Radio
Codi DC/DC adaptor
Bookmarks