Another Java exploit spreading

Share this article:

In what has become a familiar refrain, security researchers have spotted another Java zero-day vulnerability under active attack.

Network security company FireEye said the vulnerability being exploited in the wild is present in the most up-to-date versions of Java SE software: version 6 Update 41 and version 7 Update 15, researchers Darien Kindlund and Yichong Lin wrote in a blog posted Thursday.

"Not like other popular Java vulnerabilities in which security manager can be disabled easily, this vulnerability leads to arbitrary memory read and write in JVM (Java Virtual Machine) process," they wrote. "After triggering the vulnerability, [the] exploit is looking for the memory which holds JVM internal data structure, like if Security Manager is enabled or not, and then overwrites the chunk of memory as zero...The exploit is not very reliable, as it tries to overwrite a big chunk of memory. As a result, in most cases, upon exploitation, we can still see the payload downloading, but it fails to execute and yields a JVM crash."

If the payload does execute, users' computers will be hit with a "McRAT" executable.

For some time, security experts have recommended users disable Java for the browser, as it has served as a vector for repeated attacks. In fact, Oracle, which maintains Java, just last month updated the technology to resolve a vulnerability that was leading to targeted exploits. 

"Our recommendation is to uninstall Java from the desktop if possible," wrote Wolfgang Kandez, CTO of vulnerability and compliance management firm Qualys, in a Friday blog post. "Otherwise disconnect Java from the browser, which recent versions of Java have made much easier."

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Beazley: employee errors root of most data breaches, but malware incidents cost ...

Insurance firm Beazley analyzed more than 1,500 data breaches it serviced between 2013 and 2014.

Apple issues seven updates, fixes more than 40 vulnerabilities in iOS 8, OS 10.9.5

Apple issues seven updates, fixes more than 40 ...

In one of its infrequent "Update Surprisedays," Apple plugged holes, boosted security and added features.

Canadian telecom co. Telus unveils first transparency report

The company received more than 100,000 government requests for customer data last year.