LogOnFixIt.Com

Java flaw draws…

In Uncategorized on January 12, 2013 at 5:46 am

Java flaw draws Web attacks

Java flaw draws Web attacks, reports say

A vulnerability in the Java software has the potential to affect a wide swath of computer users, and researchers warn that it’s already being exploited “in the wild.”

Jonathan Skillings

 January 10, 2013 1:22 PM PST

Security researchers have spotted a new vulnerability in the widely used Java softwarethat could give attackers access to your computer.

The US-CERT group today issued an alertsaying that Java 7 Update 10 and earlier versions of the software contain an unspecified vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code. The attack can be induced if someone visits a Web site that’s been set up with malicious code to take advantage of the hole.

This weak spot is already being attacked “in the wild” — that is, it’s a real-world threat — and is being incorporated into exploit kits that make it easier for those with ill intentions to create an attack.

Java supplier Oracle has yet to issue a fix for the vulnerability, so researchers are advising users to disable Java for the time being.

The zero-day vulnerability was reported to US-CERT by a blogger named Kafeine at the siteMalware don’t need Coffee. The exploit has been confirmed by AlienVault Labs, which also was alerted to the matter by Kafeine, and by BitDefender, according to a report in Computerworld.

We’ve reached out to Oracle for comment and will update this story when we hear back.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: