|05 Mar 2013||#1|
| || |
Java malware 'was signed with certificates stolen from security vendor
Malware used in a zero-day Java exploit was signed with certificates stolen from a security firm, researchers have found.
The editions of Java targeted by the malware, Java 6 Update 41 and Java 7 Update 15 were released 10 days ago. However, researchers at security firms FireEye and CyberESI have already discovered an attack — known as CVE-2013-1493 — that successfully exploits the two editions of Java, and have informed Oracle of its existence.
Although the exploit in most cases causes a Java virtual machine to crash before executing, if it is successful, it will install a trojan, according to FireEye.
|My System Specs|
|Similar help and support threads for2: Java malware 'was signed with certificates stolen from security vendor|
|Opera breached, has code cert stolen, possibly spreads malware - advic||Security News|
|Bad windows security certificates on every webpage||System Security|
|Programming Certificates (Not University) - Java and C++||Chillout Room|
|Digital Certificates Used by Malware||Security News|
|Win7 Security Has Stolen My Data!||System Security|
|IE 8 security certificates- server down?||Browsers & Mail|
|Upcoming Action Center Changes for Security Vendor Soft||News|