0-day exploit of Java via browser in the wild

[MrColin]

http://www.theregister.co.uk/2012/08/27/disable_java_to_block_exploit/

Although the actual source of the exploit is not known, it was originally discovered on a server with a domain name that resolved to an IP address located in China. The malware it installed on compromised systems attempted to connect to a command-and-control server believed to be located in Singapore.

Oracle has yet to comment on the vulnerability or when users should expect a fix, but it might be a while. The database giant ordinarily observes a strict thrice-annual patch schedule for Java, and the next batch of fixes isn't due until October 16.

 

[seepy83]

Oracle did release an update for this 0-day: http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html

But really, everyone should seriously consider disabling the Java plug-in in their browser and only enabling it when they absolutely need to. Most people don't need it turned on at all and they're just unnecessarily exposing themselves.

 

[weovpac]

But really, everyone should seriously consider disabling the Java plug-in in their browser and only enabling it when they absolutely need to. Most people don't need it turned on at all and they're just unnecessarily exposing themselves.

Indeed, in Firefox it is easy. about:addons => Plugins => click the Disable button for Java

 

[MrColin]

I disabled it from "aboutlugins" in the url bar for opera, chrome, and firefox. In IE its under "Internet Options" > Programs Tab > Manage Add-ons.

 

[MrColin]

It looks like the out of band emergency patch relaeased by Oracle has opened new holes.
http://www.bgr.com/2012/09/04/java-7-security-new-exploit-discovered-oracle/

 

[weovpac]

It looks like the out of band emergency patch relaeased by Oracle has opened new holes.
http://www.bgr.com/2012/09/04/java-7-security-new-exploit-discovered-oracle/

Heh, they can't get it right.