Architecture, Network security, Strategy, Vulnerability management, Threats, Malware

Despite patch, exploits against new Java bug picking up

August 3, 2012
Researchers at Microsoft are warning that malware taking advantage of a patched Java vulnerability is now being heavily targeted. Detection rates for exploits against the vulnerability (CVE-2012-1723) are now overtaking attacks abusing a previous widely attacked Java bug (CVE-2012-0507), which was used to spread the widespread Flashback trojan that targeted Mac users. Jeong Wook Oh of the Microsoft Malware Protection Center wrote Wednesday in a blog post that the latest vulnerability, classed as a type confusion flaw and patched in June, shows "a high success rate with exploitation when Java Runtime Environment is not updated to the latest secure version."
prestitial ad