Welcome to WebmasterWorld Guest from 54.146.248.111

Forum Moderators: phranque

Message Too Old, No Replies

Java vulnerability, update soonest

cross platform exploit

     

tangor

12:32 am on Dec 3, 2011 (gmt 0)

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



Security community Metasploit took a recent look at this vulnerability, and found that the exploit, described as "a big one," is run completely and successfully on all systems running Java prior to version 1.6.0_29-b11, including Windows XP, Windows 7, Ubuntu Linux, and Apple's OS X.

On all platforms, only Google's Chrome browser gave any notification that a Java applet was running; other browsers like Safari, Internet Explorer, and Firefox gave no indication at all. Regardless of this difference, the malicious applet ran easily and successfully in all browsers.

According to Krebs on Security, the exploit "should not be taken lightly by any computer user," since Java is installed on more than 3 billion computing devices worldwide. Krebs cites Microsoft's Tim Rains as mentioning that Java-based exploits were the most common ones seen on computer systems in the first half of 2011, suggesting that hackers would be eager to get their hands on this current exploit.

[reviews.cnet.com...]
 

Featured Threads

Hot Threads This Week

Hot Threads This Month