If you have Java enabled in your browser, you are at imminent risk of falling victim to a zero-day exploit. The vulnerability has just been discovered by security researchers, and it can reportedly be exploited to drop a payload, such as malware, onto the targeted computer.
According to the security analysts who spotted this vulnerability in use on the web, it is present in Java Runtime Environment version 1.7 or later. Essentially, an attacker can use this vulnerability to force your computer to download a payload and then run it. The payload usually carries malware which, in turn, can wreak havoc on your computer and steal your critical information.
For now, security researchers have found the exploit being used against Windows machines. However, given the nature of the exploit, it can reportedly also be used against machines running other operating systems, such as Linux or Mac OS X.
The server on which the exploit was found maps to an IP address in China, whereas the command-and-control server of the malware payload installed through this exploit is believed to be in Singapore right now. Oracle may take a while to patch the vulnerability, so for now the best thing to do is simply to disable Java in your browser.
No substantially useful patch for this vulnerability is available from any other security vendor so far. So rather than waiting for Oracle to patch it, you should disable Java for now and stay tuned for official updates from Oracle.
Source: FireEye