4 Replies - 7760 Views - Last Post: 28 August 2012 - 06:37 PM

#1 Curtis Rutland  Icon User is online

  • (╯□)╯︵ (~ .o.)~
  • member icon


Reputation: 4531
  • View blog
  • Posts: 7,903
  • Joined: 08-June 10

Users warned to disable Java, 0-day exploit live.

Post icon  Posted 28 August 2012 - 09:20 AM

*
POPULAR

http://www.theregist..._block_exploit/

Quote

A new browser-based exploit for a Java vulnerability that allows attackers to execute arbitrary code on client systems has been spotted in the wild...

...The vulnerability is present in the Java Runtime Environment (JRE) version 1.7 or later...

...The vulnerability allows attackers to use a custom web page to force systems to download and run an arbitrary payload – for example, a keylogger or some other type of malware. The payload does not need to be a Java app itself...

...Oracle has yet to comment on the vulnerability or when users should expect a fix, but it might be a while. The database giant ordinarily observes a strict thrice-annual patch schedule for Java, and the next batch of fixes isn't due until October 16...


Is This A Good Question/Topic? 10
  • +

Replies To: Users warned to disable Java, 0-day exploit live.

#2 Ticon  Icon User is offline

  • D.I.C Regular

Reputation: 28
  • View blog
  • Posts: 320
  • Joined: 20-August 09

Re: Users warned to disable Java, 0-day exploit live.

Posted 28 August 2012 - 01:55 PM

Thanks for exploit. noscript addon should help with that though.
Was This Post Helpful? 0
  • +
  • -

#3 Skydiver  Icon User is offline

  • Code herder
  • member icon

Reputation: 3622
  • View blog
  • Posts: 11,290
  • Joined: 05-May 12

Re: Users warned to disable Java, 0-day exploit live.

Posted 28 August 2012 - 05:12 PM

Okay... I'm confused. My light skimming of various reports of this "zero day" exploit all seem to indicate that the exploit was found only within the past few days. Since Java 1.7 which is what is being exploited was released about about a year ago, wouldn't this be called a "1 year + 20-some days Exploit"?

Or is it being called "Zero Day" exploit because the vulnerability that is being exploited has been present since the first released version 1.7? If that's true, then shouldn't Slammer then also be called a "zero day" exploit since was taking advantage of a bug that was in the first released versions of the database engine despite the engine having been released through several iterations over the years prior to exploitation?
Was This Post Helpful? 0
  • +
  • -

#4 The Architect 2.0  Icon User is offline

  • D.I.C Regular

Reputation: 37
  • View blog
  • Posts: 351
  • Joined: 22-May 08

Re: Users warned to disable Java, 0-day exploit live.

Posted 28 August 2012 - 06:13 PM

wikipedia is pretty helpful with the term: http://en.wikipedia....Zero-day_attack
Was This Post Helpful? 3
  • +
  • -

#5 Skydiver  Icon User is offline

  • Code herder
  • member icon

Reputation: 3622
  • View blog
  • Posts: 11,290
  • Joined: 05-May 12

Re: Users warned to disable Java, 0-day exploit live.

Posted 28 August 2012 - 06:37 PM

Nice explanation in that article. Thanks!

So if Oracle had a entry in their bug database about a vulnerability but it was punted as low priority or low risk; or if the virus authors had sent a notification to Oracle first and given them a 5 day window, then it wouldn't be considered a "zero day" exploit. But since as far as we know, this has blindsided Oracle, then it is truly a "zero day" exploit.
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1