Brian Krebs over at KrebsOnSecurity.com has just issued a warning regarding a new Java exploit, powered by the BlackHole Exploit Kit. It is very important to make sure your Java is constantly up-to-date and patched, since it is one of the most commonly exploited pieces of software in malicious attacks.
Here’s a copy of Brian’s original post:
New Java Exploit to Debut in BlackHole Exploit Kits
Malicious computer code that leverages a newly-patched security flaw in Oracle’s Java software is set to be deployed later this week to cybercriminal operations powered by the BlackHole exploit pack. The addition of a new weapon to this malware arsenal will almost certainly lead to a spike in compromised PCs, as more than 3 billion devices run Java and many of these installations are months out of date.
The attack may be related to an exploit published for CVE-2012-1723 in mid-June by Michael ‘mihi’ Schierl. But according to the current vendor of the BlackHole exploit pack, the exact exploit for this vulnerability has only been shared and used privately to date. Reached via instant message, the BlackHole author said the new Java attack will be rolled into a software update to be made available on July 8 to all paying and licensed users of BlackHole.
Regardless of which operating system you use, if you have Java installed, I would advise you to update it, neuter it or remove it as soon as possible. The reason I say this is that Java requires constant patching, and it appears to be the favorite target of attackers these days.
If you primarily use Java because some Web site, or program you have on your system — such as OpenOffice or Freemind — requires it, you can still dramatically reduce the risk from Java attacks just by disabling the plugin in your Web browser. In this case, I would suggest a two-browser approach. If you normally browse the Web with Firefox, for example, consider disabling the Java plugin in Firefox (from the Add-ons menu, click Plugins and then disable anything Java related, and restart the browser), and then using an alternative browser (Chrome, IE9, Safari, etc.) with Java enabled to browse only the site that requires it.
Although Apple stopped bundling Java by default in OS X 10.7 (Lion), it offers instructions for downloading and installing the software framework when users access webpages that use it. The latest iteration of Java for OS X configures the Java browser plugin and Java Web Start to be deactivated if they remain unused for 35 days.
We here at New River Computing would like to thank Mr. Krebs for all of his great work on keeping everyone informed with the latest security news! His original post can be found here.