Java Recommended To Be Disabled Because of New Exploit

@kafeine was first to report the exploit, which was then successfully reproduced by Jaime Blasco from security software company AlienVault. Blasco wrote that he was able to "trick" the malicious Java applet, which, according to @kafeine is distributed via a site with "hundreds of thousands of hits daily"  to execute the calc.exe in their lab.

There is not much information about the vulnerability and exploit available at this time, but Blasco wrote that the exploit is probably bypassing certain security checks by tricking the permissions of certain Java classes as we saw in CVE-2012-4681. The only defense against the issue is to disable the Java browser plugin, Blasco said.

 

Contact Us for News Tips, Corrections and Feedback

Create a new thread in the US News comments forum about this subject
This thread is closed for comments
29 comments
    Your comment
    Top Comments
  • We have an application at the office that relies on Java. One of our managers told all his employees to disable java, and later me that there was an issue with the server because the App wasn't working.
    20
  • ss202slWe have an application at the office that relies on Java. One of our managers told all his employees to disable java, and later me that there was an issue with the server because the App wasn't working.

    Yay for managers who doesn't know how things work!
    20
  • CamikaziWait, again? Didn't they recommend you disable Java a few months ago cause of some vulnerability?


    Java is only safe to run during the first 1/4 phase of a waxing moon. You will need to wait until next month to run your poorly performing application with GUI that feels like it is from the 90's.
    16
  • Other Comments
  • Wait, again? Didn't they recommend you disable Java a few months ago cause of some vulnerability?
    13
  • Why hack java

    in america, there are so many people that willingly hand over any personal information u want.
    just say u are giving away some free
    12
  • Java uninstalled long ago
    7