Antivirus company Trend Micro has detected a new type of malicious software that masquerades as a patch for the environment Java, allegedly eliminating vulnerabilities in this latest development.
Recall that Oracle over the past 7 days did release an update for Java 7 that addresses one of the critical dangerous vulnerabilities, but independent security experts say that the company failed to eliminate all the problems in Java and users computers are still under attack. Obviously, this decided to play by criminals.
In Trend Micro say they found the fake pseudo-patch Java 7 Update 11, is present in at least one site that has no relation to the original Oracle and Java. During the downloading and installation of this patch on the computer there is a malicious software.
In the case investigated pseudo-update to your computer the program is installed backdoor which give unauthorized access to a user’s system via a remote server. In Trend Micro says that users should learn very clear: updates and additions are downloaded only from official sites or from the built-update system.
More technical information is available at:
http://blog.trendmicro.com/…/malware-poses-as-an-update-for-java-0-day-fix