Java Zero Day Exploit Leveraged In Targeted Attack Campaign: Symantec [UPDATED]
You might recall that I have talked about a serious Java exploit that currently has no fix. According to Symantec, the news just got worse. Here’s a quote from an e-mail that Symantec sent me:
In October 2011, Symantec published a paper [Warning: PDF] on The Nitro Attacks targeting chemical companies. These targeted attacks were in the form of an email with a malicious attachment ultimately leading to victims being infected with ‘Poison Ivy’. No vulnerabilities were exploited in these attacks. The recent attacks by this group are more sophisticated, using a Java zero-day vulnerability to infect victims but using the same IP address for the command and control server that was used in 2011.
Well, that’s just delightful. The full details can be found here. But it shows that Oracle needs to step up to the plate and fix this exploit. Until that happens, either downgrade to Java 1.6 (if you must have Java) or disable it entirely.
UPDATE: Apparently there is an update from Oracle that addresses this issue. Check their download page here. It would have been nice if Oracle had said something about this, as apparently these have been out since Thursday. Sure, they put out something on their blog. But given how serious this was, you’d think they’d make a bit more noise. In any case, download those updates and protect yourself.
This entry was posted on September 1, 2012 at 12:04 pm and is filed under Commentary with tags Java, Security, Symantec.