The Java zero-day exploit has been making the rounds lately, hitting both Facebook and Apple just recently, and it doesn't seem to be slowing down anytime soon. A newly discovered zero-day vulnerability in the most recent versions of Java 6 and Java 7 allows attackers to install malicious software on vulnerable PCs, specifically a new "McRat" trojan.
Security firm FireEye has detected the vulnerability, and they have "observed successful exploitation" against browsers that are running Java 1.6 update 41 and Java 1.7 update 15. These are the two most recently released versions of Java 6 and Java 7. The vulnerability allows the install of a remote-access trojan called McRat.
However, the attack is only triggered when people running a vulnerable version of the Java browser plugin visit a website that has been infested with the malicious code. Plus, FireEye says that the exploit "is not very reliable," since it simply tries to overwrite a large chunk of memory. In other words, hackers can succeed in downloading malicious code onto victims' computers, but most of the time it fails to actually execute.
FireEye suggests disabling Java until a patch has been applied, or, if you don't use Java, you can simply uninstall the plugin altogether. Last month, Apple employees were targeted by a Java zero-day exploit, and while a handful of company computers were breached, the company says no personal data was stolen. The same goes for Facebook, which experienced the exploit a few days before.
[via Information Week]