Blackhole exploits are a ready-exploit kit used by hackers. With the new Java vulnerabilities just discovered, the kit has become much more successful.
1 Star2 Stars3 Stars4 Stars5 Stars (Rate This)
Loading...

Two critical vulnerabilities in Java discovered by security researchers are making waves in the tech media. The vulnerabilities were so critical that the security experts advised the users to simply disable Java until a solution became available. Now, it’s been revealed that the exploit has been added to Blackhole, the popular toolkit of hackers.


Java logo

Blackhole essentially packs a whole range of exploits and is installed on a number of compromised sites. As soon as a user visits one of these sites, the machines become vulnerable to multiple attacks and there’s a significant chance that it would be infected with a malware or some other trojan.

Until now, Blackhole exploit kits are normally able to infect one out of every ten users who visit compromised sites. However, with the new Java exploits available, these kits seem to be far more successful, being able to infect every one out of four visitors to these sites.

This is very significant because on a global scale, this translates to thousands of new infected machines solely because of the newly discovered Java exploits. According to Securelert, “We were able to count tens of thousands of new infected machines due to the Java zero day since the exploit was added to the Blackhole exploit kit.”

Although users had been advised to immediately disable Java on their machines, this simply seems impossible for many who have to use Java for a wide range of things. And so, all these users continuing to use Java are in an imminent risk of being infected with a malware.

Another interesting bit of information that is doing the rounds on the web is that Oracle had been informed, in advance, of this exploit which has now become public knowledge. It was made aware of the risks as far back as April but Oracle apparently chose to ignore it.

It did release a security patch in June but that patch didn’t remove these vulnerabilities from the software. The next update from Oracle is expected in October and by then, security analysts fear, a huge number of machines would’ve been infected already.

Interestingly, the Java components which are causing all the problem are in violation of Oracle’s set of guidelines. Security Explorations, a security firm based in Poland revealed this, also claiming that it clearly pointed out the two vulnerabilities to Oracle, the very same vulnerabilities which are being exploited by the hackers right now.

The silence from Oracle’s side is ominous. The company seems quiet as to what it’s strategy will be in tackling this rather critical issue and whether or not it will release a security patch any time soon.

Courtesy: CNET/ Arstechinca

Buy Cheapest Related Product From Amazon.com


Anti-Piracy Companies Spying On Torrents

Is Windows Phone 8 Officially Releasing On 29 October?
You can also press the left/right arrow key on your keyboard to go to previous/next post
  On August 30, 2012(4 years, 0 months ago.)

You May Also Like:

What Do You Think?

Leave a Reply




Loading Facebook Comments ...

FTC Disclosure: Some of the links of this website are "affiliate links." This means if you click on the link and purchase the item, we will receive an affiliate commission.


Recent Search

Recent Tutorials

There is a high-risk XSS Vulnerability in W3 Total Cache, and we have got the guide to the fix for you.
Check out this tutorial to know how to install Apple watchOS 3 beta certificate on your Apple Watch and start enjoying the new version.
If you are trying to jailbreak iPhone, iPad or iPod on iOS 9.2 - 9.3.3 without using a computer or Apple ID, then check this video tutorial.
Pokemon Go users are complaining about the crashing and server issues. Check out the tutorial to solve error problems and thanks us later.
Turning off Wi-Fi Assist is a great way to save mobile data since it automatically starts using cellular data when Wi-Fi signal is poor .
If you want to secure your SIM card from others using it, then check out this tutorial to know how to set up the SIM Pin code on your iPhone.
CiderTV is a great alternative to control Apple TV from the Notification Center. Check out this tutorial to set up CiderTV on your iPhone.
Are you annoyed by the split screen mode on the iPhone 6 Plus or 6s Plus? Check out this quick tutorial to turn off split screen feature.
If you could not wait to installed the iOS 10 beta version on you iPhone and now struggling for the errors, then this tutorial is for you.
Siri might not understand the question you asked. But you can use Siri by editing the text that you asked & it will give an updated answer.
Close You Have To Login
User:
Pass:
Login With »Login With TwitterLogin With Facebook