|
| Register for our Free Newsletters |
|
 |
|
|
|
|
|
|
|
|
| Other Carouselweb publications |
|
|
|
|
|
|
|
|
|
|
| |
|
|
|
|
|
Cross Platform Java Exploit Kits
|
|
M86 Security
: 19 December, 2011 (Technical Article) |
|
|
Malware distribution with the use of a new java exploit identified and described by M86 Security |
|
|
|
M86 Security Labs has identified that exploit kits are now being used to distribute malware in most of the malicious web pages that they are tracking. A new Java exploit that works across all platforms has made these exploit kits a lot more effective. This situation will continue until a patch has been released.
Malware distributors have rushed to add the Java exploit to their kits and both BlackHole and Phoenix have received updates in recent weeks.
Writing on the blog, M86 Security researcher, Daniel Chechik warns, “The vulnerability is cross-platform and doesn’t require heap spray or buffer overflow techniques. That makes it very effective and therefore authors of exploit kits rushed to add it to their kits. The concerning aspect is that the Blackhole exploit kit was updated even before a patch was released by the vendor. We encourage users to keep their Java updated, or remove it if it is not needed.”
M86 Secure Web Gateway, version 9.2 and above, provides zero-day protection against this attack, without requiring any further updates.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
