homepage Welcome to WebmasterWorld Guest from 54.205.99.71
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Microsoft / Deprecated - Microsoft Windows OS (XP/NT/Vista)
Forum Library, Charter, Moderators: bill

Deprecated - Microsoft Windows OS (XP/NT/Vista) Forum

    
Java exploit, embedded back door?
Report regarding malware use of Java Web Start
tangor




msg:4114017
 10:20 pm on Apr 11, 2010 (gmt 0)

The bug in the Java Web Start component has been confirmed exploitable on all recent versions of Windows by Tavis Ormandy, a security researcher who prefers his employer not be named. Fellow researcher Ruben Santamarta of Spain-based security firm Wintercore, said a related flaw potentially affects Linux users as well.

Both researchers stressed the ease in which attackers can exploit the bug using a website that silently passes malicious commands to various Java components that jump-start applications in Internet Explorer, Firefox, and other browsers. Ormandy said he alerted Java handlers in Oracle's recently-acquired Sun division to the threat but "they informed me they do not consider this vulnerability to be of high enough priority to break their quarterly patch cycle."

As reported at The Register: [theregister.co.uk...]

I don't run Java... ie. it is not installed... but how many others out there are doing the same?

 

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Microsoft / Deprecated - Microsoft Windows OS (XP/NT/Vista)
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved