Exploit for zero-day vulnerability in Java

Posted: January 11, 2013 in Uncategorized
Tags: , , , ,

Java DangerDevelopers Blackhole and Nuclear Pack said that the exploit is a ‘New Year present’ for their clients.

Hackers who are the authors of such sets exploits as Blackhole and Nuclear Pack, claim that they had added a new exploit, an attacker previously unknown and is not currently vulnerability in Java.

Thus, on 9 January, the developer Blackhole – hacker disguised under the pseudonym ‘Paunch’ – said on several underground forums that a zero-day vulnerability in Java is a ‘New Year gift’ to those who use it with a set of exploits. Soon, similar reports were received from the developers and distributors of Nuclear Pack.

According to the two authors of malicious software, described their vulnerability exists in all versions of Java 7, including Java 7 Update 10.

It should be noted that the official comments on the matter from Oracle is not currently reported. At the same time, yesterday, January 10, experts in information security from the company Alienvault Labs confirmed that the exploit does work, even with all the latest updates.

View the Alienvault Labs report here .

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s