Saturday, January 12, 2013

New malware exploiting Java 7 (Windows and Unix systems)

According to [1] A new Trojan horse called Mal/JavaJar-B has been found that exploits a vulnerability in Oracle's Java 7 and affects even the latest version of the runtime (7u10).

Further it says ..

""Unspecified vulnerability in Oracle Java 7 Update 10 and earlier allows remote attackers to execute arbitrary code via unknown vectors, possibly related to "permissions of certain Java classes," as exploited in the wild in January 2013, and as demonstrated by Blackhole and Nuclear Pack."

Luckily with the latest versions of Java, users who need to keep it active can change a couple of settings to help secure their systems.

1) Go to the Java Control Panel that is installed along with the runtime, and in the Security section uncheck the option to "Enable Java content in the browser," which will disable the browser plug-in. This will prevent the inadvertent execution of exploits that may be stumbled upon when browsing the Web, and is a recommended setting for most people to do. If you need to see a Java applet on the Web, then you can always temporarily re-enable the plug-in.

2) The second setting is to increase the security level of the Java runtime, which can also be done in the same Security section of the Java Control Panel. The default security level is Medium, but you can increase this to High or Very High. At the High level, Java will prompt you for approval before running any unsigned Java code, and at the Very High level all Java code will require such approval, regardless of whether or not it is signed.


read more at [1] and [2]

And Oracle says it will fix Java flaw ‘shortly’ 
http://www.suntimes.com/business/17545655-420/oracle-says-it-will-fix-java-flaw-shortly.html


Java 7 fails to restrict access to privileged code



[1] http://reviews.cnet.com/8301-13727_7-57563567-263/new-malware-exploiting-java-7-in-windows-and-unix-systems/
[2] http://www.suntimes.com/business/17545655-420/oracle-says-it-will-fix-java-flaw-shortly.html

No comments:

Post a Comment