Incident Response, TDR, Vulnerability Management

Threat of the month: Java exploits

What is it?

Remote code execution vulnerabilities affecting Java prior to version 7 Update 25, which allow a complete sandbox bypass via browsers and allow attackers to take access of the affected system.

How does it work?

Issues fixed in the update include memory corruption as well as arbitrary method invocation vulnerabilities. Some of these issues can be leveraged by convincing a user to visit a web page that contains malicious Java content. 

Should I be worried?

Yes, exploits for some of the vulnerabilities are now beginning to surface in frameworks like Metasploit, which equips attackers with fully working exploits. Users should show caution when visiting untrusted websites if their systems are not fully patched.

How can I prevent it?

Oracle has issued version 7 Update 25, which fixes the vulnerabilities, and any system using an older version should update. Additionally, Java now has the default security level of “High,” which makes it harder for attackers to run untrusted applets on a victims system.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.