siljalineI'm lovin' that double widePremiumReviews:
|reply to antdude |
Things are getting nasty !
Java zero-day exploit goes mainstream, 100+ sites serve malware
quote:Oracle knew about zero-day Java vulnerabilities for months, researcher says
Attackers using two recently-uncovered Java unpatched vulnerabilities, or "zero-days," have quickly expanded their reach by going mainstream, security experts said today.
And on Tuesday, Mozilla, maker of Firefox, joined the chorus of advice that users should disable the current version of Oracle's Java. The company is also ready to automatically block the plug-in from running in its browser, although it has not yet pulled the trigger.
The exploit's breakout followed the addition of attack code to the notorious Blackhole exploit toolkit.
Oracle was notified in April about the zero-day vulnerabilities being exploited now by attackers, researcher says.