Java Recommended To Be Disabled Because of New Exploit
A security researcher is urging users to disable their Java plugin immediately due to a newly discovered vulnerability and exploit that was spotted in the wild.
@kafeine was first to report the exploit, which was then successfully reproduced by Jaime Blasco from security software company AlienVault. Blasco wrote that he was able to "trick" the malicious Java applet, which, according to @kafeine is distributed via a site with "hundreds of thousands of hits daily" to execute the calc.exe in their lab.
There is not much information about the vulnerability and exploit available at this time, but Blasco wrote that the exploit is probably bypassing certain security checks by tricking the permissions of certain Java classes as we saw in CVE-2012-4681. The only defense against the issue is to disable the Java browser plugin, Blasco said.
Contact Us for News Tips, Corrections and Feedback
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
Wolfgang Gruener is an experienced professional in digital strategy and content, specializing in web strategy, content architecture, user experience, and applying AI in content operations within the insurtech industry. His previous roles include Director, Digital Strategy and Content Experience at American Eagle, Managing Editor at TG Daily, and contributing to publications like Tom's Guide and Tom's Hardware.
-
Camikazi Wait, again? Didn't they recommend you disable Java a few months ago cause of some vulnerability?Reply -
mobrocket Why hack javaReply
in america, there are so many people that willingly hand over any personal information u want.
just say u are giving away some free -
tokencode CamikaziWait, again? Didn't they recommend you disable Java a few months ago cause of some vulnerability?Reply
Java is only safe to run during the first 1/4 phase of a waxing moon. You will need to wait until next month to run your poorly performing application with GUI that feels like it is from the 90's. -
ss202sl We have an application at the office that relies on Java. One of our managers told all his employees to disable java, and later me that there was an issue with the server because the App wasn't working.Reply -
Camikazi ss202slWe have an application at the office that relies on Java. One of our managers told all his employees to disable java, and later me that there was an issue with the server because the App wasn't working.Yay for managers who doesn't know how things work!Reply -
ddpruitt If we had to disable every piece of software that has an exploit we would be able to turn on our computers. Exploits happen all the time I'm sure Oracle will patch this soon enough.Reply
The most important piece of any security system is the person using it.