No internet connection

No Internet Connection Detected

JAVA Security Bypass Zero-day Exploit / Vulnerability

JAVA Security Bypass Zero-day Exploit   Vulnerability

The latest version of Java has a flaw which allows it to bypass security restrictions and execute code. This allows a hacker to setup a malicious website that can take advantage of this flaw and lure his/her victims to that same website, in an attempt to infect their computers with malwares.

Advertisement

Java is a programming language used by a lot of websites (JRE) to interact with their visitors. A lot of the applications that you use and games that you play, in your browser, are possible because of Java (JRE). The versions of Java affected by this exploit are Java Runtime Environment (JRE) 1.7 and Java Development Kit (JDK) 6. It is possible that other versions may also be affected. Currently, the exploit only affects computers running Microsoft Windows.

Before Oracle releases a patch, you are required to disable Java in your browser. Click here for instructions for disabling Java in your web browser.

How hackers are able take advantage of this exploit?

Hackers can create and send out fake e-mails impersonating legitimate organizations. These e-mails are used in an attempt trick their victims into clicking on a link in the e-mail message that goes to a malicious website setup by the hackers.

They can also post links to this malicious website on Facebook, Twitter and other social networking websites.

Once the victim goes to the malicious website, the Java applet on that page executes, downloading and running a malicious program on the victim's computer. This malicious program can be a virus, Trojan horse or some other malware.

For more information about this Java exploit, please click here.

Check the comment section below for additional information, share what you know or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search Search engine.

Click here help maintain Online Threat Alerts (OTA).

Note: Some of the information in samples on this website may have been impersonated or spoofed.
Would you share this article with others?  +

Comments, Questions, Answers, or Reviews

There are no comments as yet, please leave one below or revisit.

To protect your privacy, please do not post or remove sensitive information in or from your comments, questions, or reviews.

Write Your Comment, Question, Answer, or Review

NB: We will use your IP address to display your approximate location to other users.

Your post will be set as an anonymous because you are not signed in. Anonymous posts cannot be edited or deleted. Sign-in.

JAVA Security Bypass Zero-day Exploit / Vulnerability