Threat of the month: Java exploit

Share this article:
Threat of the month: pdf.exe.zip files
Threat of the month: pdf.exe.zip files

What is it?

A remote code execution vulnerability (tracked as CVE-2013-2423) affecting Java versions 7 Update 17 and prior, which allows a complete sandbox bypass via browsers.

How does it work?

The root cause of the vulnerability is a type-confusion issue in Java reflection, which allows calling internal methods to disable the security manager. This issue can be leveraged by simply convincing a user to visit a web page that contains malicious Java content.

Should I be worried?

Yes, an exploit for this vulnerability is now bundled in various exploit kits that allow arbitrary code execution in a reliable manner. Users should show caution when visiting untrusted websites if their systems are not patched.

How can I prevent it?

Oracle has since issued version 7 Update 21, which fixes the vulnerability. Any system using an older version should update to this generation. This update fixes 42 security issues, including the one discussed above.

Share this article:
close

Next Article in Threat of the Month

Sign up to our newsletters

More in Threat of the Month

Threat of the month: Linksys router zero-day

Threat of the month: Linksys router zero-day

This month's vulnerability is currently being exploited by a worm known as "TheMoon."

Threat of the month: Java vulnerabilities

Threat of the month: Java vulnerabilities

For March's threat of the month, Secunia's Kasper Lindgaard believes Java vulnerabilities should be at the top of everyone's radar.

Threat of the month: Government agencies

Threat of the month: Government agencies

The continued leak of classified government intelligence documents by Edward Snowden draws into question the balance of offensive and defensive capabilities of governments.