Windows 7: Java zero day vulnerability actively used in targeted attacks

Brink · 27 Aug 2012

Quote:

Security researchers from FireEye, AlienVault, and DeependResearch have intercepted targeted malware attacks utilizing the latest Java zero day exploit. The vulnerability affects Java 7 (1.7) Update 0 to 6. It does not affect Java 6 and below.

Based on related reports, researchers were able to reproduce the exploit on Windows 7 SP1 with Java 7 Update 6. There's also a Metasploit module available.

Read more at:
Java zero day vulnerability actively used in targeted attacks | ZDNet

Layback Bear · 27 Aug 2012

This may or may not be related.
Mozilla Firefox blocked my Java stating it needed updated. I updated Java Deployment Kit and Java Platform to 7.1.0.6 and the warning went away.

**x BlueRobot** · 28 Aug 2012

I think I may have Java 7, but unsure of wherever I've bothered to update it yet, does the security flaw occur with the update or is it just Java 7 in general?

Brds7t7 · 28 Aug 2012

I've finally ditched Java. Have a lot of programs installed and doesn't seem to have caused any issues.

Flash will be the next to go! Not soon enough either!

4wd · 29 Aug 2012

Have resorted to the following: For overall browsing: FF -Java +Ghostery +Noscript. For the few special sites needing java (banking\online purchases in my case), using IE with everything enabled, followed by Ccleaner to clear cache etc when done.

Windows 7: Java zero day vulnerability actively used in targeted attacks

Java zero day vulnerability actively used in targeted attacks problems?