»

JAVA Security Bypass Zero-day Exploit / Vulnerability

  • Updated: June 2, 2014 2014-06-02T05:16:34 -
  • Posted: January 15, 2013
  • Views: 6,184
  • Comments: 0
 +
JAVA Security Bypass Zero-day Exploit / Vulnerability

Would you share this article with others to help inform them?

  • Yes (1)        No (0)   

The latest version of Java has a flaw which allows it to bypass security restrictions and execute code. This allows a hacker to setup a malicious website that can take advantage of this flaw and lure his/her victims to that same website, in an attempt to infect their computers with malwares.

Please continue reading below.

Java is a programming language used by a lot of websites (JRE) to interact with their visitors. A lot of the applications that you use and games that you play, in your browser, are possible because of Java (JRE). The versions of Java affected by this exploit are Java Runtime Environment (JRE) 1.7 and Java Development Kit (JDK) 6. It is possible that other versions may also be affected. Currently, the exploit only affects computers running Microsoft Windows.

Before Oracle releases a patch, you are required to disable Java in your browser. Click here for instructions for disabling Java in your web browser.

How hackers are able take advantage of this exploit?

Hackers can create and send out fake e-mails impersonating legitimate organizations. These e-mails are used in an attempt trick their victims into clicking on a link in the e-mail message that goes to a malicious website setup by the hackers.

They can also post links to this malicious website on Facebook, Twitter and other social networking websites.

Once the victim goes to the malicious website, the Java applet on that page executes, downloading and running a malicious program on the victim's computer. This malicious program can be a virus, Trojan horse or some other malware.

For more information about this Java exploit, please click here.

Note: Some of the names, addresses, email addresses and telephone numbers in email samples on this website may have been impersonated.

Please share what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com

Also, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent.

If you want to quickly find answers to your questions, use our search engine.

You can help maintain Online Threat Alerts by paying a service fee. Click here to make payment.

Comments, Questions, Answers, or Reviews
(Total: 0)

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews. Also, anonymous posts cannot be deleted or edited, and when you make a post, we will use your IP address to display your approximate location to other users.

Please continue reading below.

Write Your Comment, Question, Answer, or Review
Write your comment, question or review in the box below to share what you know or to get answers. Please revisit after an hour or more to view reponses or answers to you questions.

Your comment, question or review will be posted as an anonymous user because you are not signed in. Sign-in.

My Account | About us | Advertise with us | Guest Posts | Help Maintain OTA | Report Cyber Threats | RSS Feed | Contact us | Terms and Conditions | Privacy Policy | Content Removal Request

This site uses cookies to offer you a complete experience. Learn more. Copyright © 2012 - 2019 - Online Threat Alerts.