New exploit, an attacker previously unknown vulnerabilities and gaps in older versions of Java is widely used by hackers, according to researchers at antivirus company FireEye.
"We recorded the successful exploitation of vulnerabilities in Java 6 Update 41 and Java 7 Update 15-preset in web-browsers," - said in his blog employee FireEye Darien Kindlund.
During the researchers analyzed incidents malware used by attackers to install tool McRAT, designed to provide remote access to the system. The virus is usually used in targeted attacks, but did not specify FireEye, who became the target of hackers.
As follows from the screen shot with the traffic analysis, the exploit is downloaded from Japanese web-site in a format «. Jpg», which is probably intended to distract attention.
System compromise in Java
Severity Rating: Critical
If the Patch: None
Number of vulnerabilities: 1
CVE ID: CVE-2013-1493
Vector of operation: Remote
Impact: System Compromise
Affected Products: IBM Java 6.x
IBM Java 7.x
Affected versions:
Java 6 Update 41, perhaps the only one.
Java 7 Update 15 possibly other versions.
Description:
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability is caused due to an unspecified error. Details were not disclosed.
Note: The vulnerability is being actively exploited in the present.
Manufacturer URL: http://www.java.com/
Solution: The way to eliminate the vulnerability does not exist at present.
Links:
http://blog.fireeye.com/research/2013/02/yaj0-yet-another-java-zero-day-2.html
No comments:
Post a Comment