Sunday, 13 January 2013

Alert: Java Exploit Potentially Affecting More Than 850 Million Computers

Security professionals are suggesting computer users disable or uninstall Java following the breakthrough of a zero-day Java exploit which allows hackers to take control of vulnerable Macs, PCs and Linux computers.

The exploit takes benefit of a vulnerability left open in Java 7 revise 10, issued in October of last year. It works by getting Java users to visit a website with malicious cipher that takes benefit of a security gap to take control of users' computers.

What's poorer is this particular exploit is allegedly being utilised to impel ransomware, a type of strike that claims users pay to have command of their computers returned from a hacker's grab.

Java's creator, Oracle, hasn't specified the number of users who have downloaded Java 7 Update 10. However, Java sprints on more than 850 million computers and other apparatus. When Oracle issued revise 10, it "strongly suggested" that users update to obtain "key security features and bug fixes."

The exploit was first found out by French researcher Kafeine, who claimed to have discovered it running on a location registering hundreds of thousands of page views daily. 

Should you be worried about this exploit? While security lapses are sometimes overblown, there are good reasons to take this one seriously: The U.S. Department of Homeland Security issued a warning advising users to disable Java until a fix is discovered. Apple has apparently moved to disable Java in response to the threat. Mozilla took the opportunity to warn users and advertise "Click to Play," a Firefox feature which stops Java from loading on individual web sites until a user allows it. Many security experts are advising users disable or uninstall Java for the time being.

SOURCE: MASHABLE

0 comments:

Post a Comment