quote:
The current version of Java contains a serious security hole that allows computers to be infected with malicious code
Deep End Research - »
www.deependresearch.org/ ··· ion.htmlDetails about the exploited vulnerability, mitigation factors and tips.
1. The javascript in index.html is heavily obfuscated.
2. This vulnerability affects Java 7 (1.7) Update 0 to 6.
Does NOT affect Java 6 and below.
3. It works in all versions of Internet Explorer, Firefox, and Opera and Chrome(see notes in article)
3. It does not crash browsers (which does NOT mean it does not work!), the landing page looks like a blank page, sometimes one may see a flash of a rotating Java logo and the word "Loading"
5. The malicious Java applet is downloaded like you see on the picture below. At this point, if your system is not vulnerable or is patched, the attack stops. From the user perspective, it is impossible to tell if the attack was successful or not.
6. If the exploit is successful, it downloads and executes a malicious binary, which calls to another IP address/domain hello.icon.pk / 223.25.233.244
7. Although older Java is not vulnerable to this attack,
downgrading is not recommended due to many other vulnerabilities in the older versions of Java.
8. Disable Java in your browser, apply the patch (see below),
or use Chrome.. Chrome is vulnerable.