Threat of the month: Java exploit


What is it?

A remote code execution vulnerability (tracked as CVE-2013-2423) affecting Java versions 7 Update 17 and prior, which allows a complete sandbox bypass via browsers.

How does it work?

The root cause of the vulnerability is a type-confusion issue in Java reflection, which allows calling internal methods to disable the security manager. This issue can be leveraged by simply convincing a user to visit a web page that contains malicious Java content.

Should I be worried?

Yes. An exploit for this vulnerability is now bundled in various exploit kits, which use it to achieve arbitrary code execution reliably. Users should exercise caution when visiting untrusted websites if their systems are not patched.

How can I prevent it?

Oracle has since issued version 7 Update 21, which fixes the vulnerability. Any system using an older version should update to this release. This update fixes 42 security issues, including the one discussed above.
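As an added example (not part of the original article), the following script checks collected `java -version` output against the fixed release named above. The hostnames and inventory lines are constructed, and the script assumes only the Java 7 line is assessed, since that is the only one the article covers.

```python
import re

# Legacy "1.<major>.<minor>_<update>" scheme printed by `java -version` on Java 7.
# The lookbehind stops "11.0.2" from being misread as "1.0.2".
_VERSION_RE = re.compile(r'(?<![\d.])1\.(\d+)\.\d+(?:_(\d+))?')

FIXED_MAJOR = 7    # release line the article discusses
FIXED_UPDATE = 21  # 7 Update 21 carries the fix, per the article


def parse_java_version(text):
    """Return (major, update) from a `java -version` line, or None."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2) or 0)


def classify(text):
    """Classify one version string against the fixed release."""
    parsed = parse_java_version(text)
    if parsed is None:
        return "unparsed"
    major, update = parsed
    if major != FIXED_MAJOR:
        return "not-assessed"  # assumption: only Java 7 is evaluated here
    return "patched" if update >= FIXED_UPDATE else "needs-update"


def audit(inventory):
    """Map host -> status for (host, version_line) pairs."""
    return {host: classify(line) for host, line in inventory}


# Constructed sample inventory (hostnames are made up).
SAMPLE = [
    ("ws-01", 'java version "1.7.0_17"'),
    ("ws-02", 'java version "1.7.0_21"'),
    ("ws-03", 'java version "1.7.0"'),
    ("ws-04", 'java version "1.7.0_09-icedtea"'),
    ("ws-05", 'java version "1.6.0_45"'),
    ("ws-06", "command not found"),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```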
