Threat of the month: pdf.exe.zip files
Threat of the month: pdf.exe.zip files

What is it?

A remote code execution vulnerability (tracked as CVE-2013-2423) affecting Java versions 7 Update 17 and prior, which allows a complete sandbox bypass via browsers.

How does it work?

The root cause of the vulnerability is a type-confusion issue in Java reflection, which allows calling internal methods to disable the security manager. This issue can be leveraged by simply convincing a user to visit a web page that contains malicious Java content.

Should I be worried?

Yes, an exploit for this vulnerability is now bundled in various exploit kits that allow arbitrary code execution in a reliable manner. Users should show caution when visiting untrusted websites if their systems are not patched.

How can I prevent it?

Oracle has since issued version 7 Update 21, which fixes the vulnerability. Any system using an older version should update to this generation. This update fixes 42 security issues, including the one discussed above.