ITWire

Home Business IT Security Java zero-day affects multiple platforms

Java zero-day affects multiple platforms

Get all your tech news delivered to your mail box five days a week
iTWire UPDATE - it's FREE!


A serious Java vulnerability is being exploited in the wild.

US-CERT is warning of a recently discovered vulnerability in Oracle Java Runtime Environment (JRE) 1.7 (Java 7) that can be exploited to run arbitrary code.

According to the vulnerability note, "an untrusted Java applet can escalate its privileges... without requiring code signing."

"This vulnerability is being actively exploited in the wild, and exploit code is publicly available," warned US-CERT.
An exploit for the vulnerability has been added to the Metasploit exploit kit.

The vulnerability appears to affect Java 7 regardless of the operating system or browser; Windows, Mac OS X and Linux versions of Java 7 are known to be vulnerable.

The vulnerability has initially been used to deliver Windows malware, but that could easily change as Java vulnerabilities have been used in most recent Mac malware attacks.

The vulnerability is specific to Java 7 - earlier versions are not affected.

Page 2: upgrade schedule and mitigations

 

RECRUITMENT & RETENTION REPORT 2013

HIRE OR FIRE? BUY OR BUILD

2013 is well underway and Australian companies need to know whether they should invest in IT skills training or pay a premium for the people they need.

If you want to know which choices are being made in your sector, what skills are hard to find, which sectors intend to hire or fire and where the IT spend is going, this free report is must have.

GET YOUR REPORT NOW

Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences, a PhD in Industrial and Business Studies, and is a senior member of the Australian Computer Society.

More in this category: « GovCloud provides backup clouds for Qld local governments New Axis cameras feature wide dynamic range »
back to top


Services

Company

Community

Connect

http://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=tf&c=19&mc=imp&pli=5460041&PluID=0&ord=[2000]&rtu=-1