Latest JAVA Flaw Exploited Widely Within Days

Within days of its discovery by threat protection firm FireEye, a flaw in JAVA (not to be confused with JavaScript) is being widely exploited. It takes the form of a drive-by download and has originated from a Chinese web site, with the page hosting the exploit being timestamped August 22, 2012. The attack that FireEye detected and blocked attempted to install the Poison Ivy rootkit.

This flaw affects all versions of Oracle’s JAVA 7 (v1.7) on all supported platforms. Interestingly, JAVA 6 and earlier don’t have this flaw. Crucially, Oracle have not yet made a patch available, hence making this a zero-day exploit. Oracle has a bad track record of releasing timely patches and it’s next scheduled update for JAVA is a long time away, on October 16, 2012. However, with all the bad publicity that this exploit is generating, hopefully they’ll release a patch sooner.

The attack will soon be added to infamous malware, Blackhole Exploit Kit, if it hasn’t been done so already and will allow an attacker to take over a machine. It’s recommended that JAVA be either uninstalled from the PC, or browser integration disabled, to mitigate the threat. Running quality internet security software will also help to guard against this threat.