Monday, 13 July 2015

Targeted Attacks On Newly Discovered Java Leak

The Japanese anti-virus company Trend Micro warns of a new critical vulnerability in Java where no update is available for Oracle, which is used in attacks against American defense organization and a member of NATO. According to the virus fighter is about targeted attacks.

That would mean that the vulnerability is not yet widely used to infect home users with malware. For attacking the targets using the assailants emails with a link. The links used by the attackers appear on the left earlier in attacks against NATO members and the White House were deployed, says analyst Li Brooks . In this case the links were encountered in the emails to an American defense organization and a specific NATO member, but who exactly is going does not mean anti-virus company. The link points to a page that tries to make use of the Java leak. In the event that the attack is successful, there is placed on the computer malware.


The vulnerability is present in the latest Oracle Java version, namely update Java 8 45. Older versions of Java, namely 6 and 7 are not vulnerable. Oracle would have been informed. In anticipation of an update enables users to Java in their browser off or the system removed . A few years ago were regularly called zero-day vulnerabilities found in Java and attacked which no update was available. According to Trend Micro, it is almost two years since the last zero-day Java was reported.

No comments:

Post a Comment