Deborah Salmi

11 January 2013

Another Java exploit; disable immediately

Go to comments Leave a comment

A serious new vulnerability notice about Java exploits has been issued by the Department of Homeland Security’s Cybersecurity Division. Java 7 Update 10 and earlier contain a vulnerability that can allow a remote attacker to execute malware on vulnerable systems.

A French researcher called Kafeine discovered that a number of websites using the exploit are able to download files directly to the victim's computer, and execute actions such as installing ransomware. “Hundreds of thousands of hits daily where i found it,” he wrote on his blog. “This could be a mayhem.”

Disable Java in web browsers

Some webpages may include content or apps that use the Java plug-in. There is no fix for this yet, so it is recommended that you protect yourself by disabling Java in your particular browser. Please see our previous blog How do I disable Java in my browser for instructions.

For a higher level of security, it is possible to entirely prevent any Java apps from running in a browser by de-selecting Enable Java content in the browser in the Java Control Panel under the Security tab. Disabling Java through the Java Control Panel will disable Java in all browsers.

malware, security, General, exploit, Java