Tuesday, August 28, 2012

Exploit for the 0-day vulnerability in Java

An exploit for the 0-day vulnerability in Java can cost $100,000

An exploit module is already available in Metasploit, and possibly in BlackHole.

For the past few days a zero-day vulnerability in the Oracle Java environment, which is actively being used in targeted attacks, has been widely discussed on the Internet. The vulnerability was first reported by FireEye experts, who described the address of the server from which the exploit is served.

In its advisory, FireEye expert Atif Mushtaq noted that an exploit for the Java vulnerability would become widely available in the near future and that attackers could use it very actively. Within a single night, Rapid7 introduced an exploit module for the Metasploit platform. The module exploits the JRE vulnerability through the latest versions of Mozilla Firefox, Internet Explorer and Safari on Linux, Windows and Macintosh.

According to information security analyst Brian Krebs, an exploit for CVE-2012-4681 will soon be available in the BlackHole hacking toolkit. Quoting one of BlackHole's leaders, Krebs wrote that the price of such an exploit could be about $100,000.

At the time of publication, Oracle had made no comment on fixing the vulnerability. While the company remains silent (and the next scheduled Java update release is not due until October), users have to find their own way to protect themselves from system compromise.

Experts offer a variety of tips on how to protect yourself from this vulnerability. The most reliable and radical method is to remove Java from the system completely; instructions for doing so are published on the manufacturer's website. Alternatively, you can leave Java working in only one browser and use that browser solely for trusted sites.

Some experts also recommend rolling Java back to an earlier version or installing a third-party solution, but both methods carry their own dangers and therefore cannot guarantee a solution.

Severity Rating: Critical

Affected versions: Oracle Java JRE 6 update 7 build 1.7.0_06-b24

Description: The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability is caused by an unspecified error. This can be exploited to compromise a vulnerable system.

Note: The vulnerability is currently being actively exploited.

Solution: No fix for the vulnerability exists at present.
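Since the only defence available at the time of writing is to find and remove (or isolate) vulnerable Java installations, the first step is knowing which build is installed. The following script is an added example, not code from the original post or from Oracle: it parses the output of `java -version` and flags the build the advisory names (1.7.0_06-b24). It goes slightly beyond the page in treating every Java 7 build up to and including Update 6 as affected, which matches the scope of CVE-2012-4681, and it treats Java 6 as out of scope. The sample outputs are constructed for the example; the `installed_java_version()` helper is the only part that touches the local machine.

```python
import re
import subprocess

# "java -version" writes its banner to stderr, e.g.:
#   java version "1.7.0_06"
#   Java(TM) SE Runtime Environment (build 1.7.0_06-b24)
VERSION_RE = re.compile(r'(?:java|openjdk) version "(\d+)\.(\d+)\.(\d+)(?:_(\d+))?')

# Constructed sample banners used for the worked example (not real captures).
SAMPLE_OUTPUTS = {
    "java7u6": (
        'java version "1.7.0_06"\n'
        'Java(TM) SE Runtime Environment (build 1.7.0_06-b24)\n'
        'Java HotSpot(TM) Client VM (build 23.2-b09, mixed mode)\n'
    ),
    "java7u0": (
        'java version "1.7.0"\n'
        'Java(TM) SE Runtime Environment (build 1.7.0-b147)\n'
    ),
    "java6u33": (
        'java version "1.6.0_33"\n'
        'Java(TM) SE Runtime Environment (build 1.6.0_33-b03)\n'
    ),
    "missing": "sh: java: command not found\n",
}


def parse_java_version(output):
    """Extract (major, minor, patch, update) from a java -version banner.

    Returns None when no version string is present (e.g. Java not installed).
    A missing "_NN" update suffix is treated as update 0.
    """
    m = VERSION_RE.search(output)
    if not m:
        return None
    major, minor, patch, update = m.groups()
    return (int(major), int(minor), int(patch), int(update or 0))


def is_affected(version):
    """CVE-2012-4681 scope assumed here: the 1.7.0 line, Update 6 and earlier."""
    if version is None:
        return False
    major, minor, _patch, update = version
    return (major, minor) == (1, 7) and update <= 6


def assess(output):
    """Classify a java -version banner as 'affected', 'not-affected' or 'unknown'."""
    version = parse_java_version(output)
    if version is None:
        return "unknown"
    return "affected" if is_affected(version) else "not-affected"


def installed_java_version(timeout=10):
    """Run the local `java -version` and parse it; None if java is absent."""
    try:
        proc = subprocess.run(
            ["java", "-version"], capture_output=True, text=True, timeout=timeout
        )
    except (FileNotFoundError, subprocess.TimeoutExpired):
        return None
    # Some JVMs print the banner to stdout, most to stderr; check both.
    return parse_java_version(proc.stderr + proc.stdout)


if __name__ == "__main__":
    for name, banner in SAMPLE_OUTPUTS.items():
        print(f"{name:10s} -> {assess(banner)}")
    local = installed_java_version()
    if local is None:
        print("local      -> no java found on PATH")
    else:
        print(f"local      -> {'.'.join(map(str, local[:3]))}_{local[3]:02d}: "
              f"{'affected' if is_affected(local) else 'not-affected'}")
```

Run the script on each machine you manage; any host reporting `affected` should have Java removed or confined to the single browser reserved for trusted sites, as the advice above suggests. The check is by version string only, so a browser plugin that ships its own JRE copy would need to be inspected separately.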
