|10 Jan 2011||#1|
Exploit Packs Run on Java Juice
In October, I showed why Java vulnerabilities continue to be the top moneymaker for purveyors of “exploit kits,” commercial crimeware designed to be stitched into hacked or malicious sites and exploit a variety of Web-browser vulnerabilities. Today, I’ll highlight a few more recent examples of this with brand new exploit kits on the market, and explain why even fully-patched Java installations are fast becoming major enablers of browser-based malware attacks.
Check out the screenshots below, which show the administration page for two up-and-coming exploit packs. The first, from an unusually elaborate exploit kit called “Dragon Pack,” is the author’s own installation, so the percentage of “loads” or successful installations of malware on visitor PCs should be taken with a grain of salt (hat tip to Malwaredomainlist.com). Yet, it is clear that miscreants who purchase this pack will have the most success with Java flaws.
|My System Specs|
|Similar help and support threads for2: Exploit Packs Run on Java Juice|
|JAVA Exploit Remedy?||System Security|
|Yet another Java exploit thread.||System Security|
|Exploit:Java/CVE-2010-0840.IO help.||System Security|
|Only 9 of 22 virus scanners block Java exploit||System Security|
|Exploit Toolkit Infects One in Ten Users via Outdated Java||Security News|
|Java: A Gift to Exploit Pack Makers.||Security News|
|Exploit:Java/CVE-2008-5353.B;Trojan:Java/Selace.A and B||System Security|
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd
All times are GMT -5. The time now is 03:40 AM.