As we’ve discussed in previous posts, we are seeing more malware abusing Java issues, including CVE-2012-4681. Currently this vulnerability is an 0-day, and to date there is no patch available from the vendor. It is known that JRE (Java Runtime Environment) 7 is vulnerable to attack on this sandbox-breach vulnerability, while JRE 6 is not. […]
The last few months we have seen a drastic increase in Java-based malware abusing the CVE-2012-0507 AtomicReferenceArray type-confusion vulnerability. In addition to that, a few weeks ago, a new Java vulnerability was found (CVE-2012-1723); it is also a type-confusion vulnerability. The attack abusing this new vulnerability is also very active. Traditionally, Java has a strong […]
If you haven’t updated the Java installation you might be exposed to the newest exploit identified as CVE-2012-0507. The exploit allows the bypassing of Java’s sandbox, a mechanism that is designed partly to prevent attacks from malicious code. Through the exploit are currently Zeus-Trojans downloaded and silently installed in the system. Avira software detects this […]
Latest Comments