US government asks users to disable Java immediately

Amid recent reports of a Java exploit that is being actively used in attacks, the American government has advised all users to disable Java in their browsers with immediate effect. According to reports on Ars Technica, attack code that exploits the vulnerability in Java's browser plugin has been added to the Blackhole, Cool, Nuclear Pack, and Redkit exploit kits.

What's appalling is that this particular hole has been open since last year, when Oracle failed to patch a previous security bug completely and left this vulnerability exposed. Miscreants have used the situation to install keyloggers and trojans on many potential victims' computers. CNN reports that exploits of this latest Java vulnerability were first observed more than a month ago and involve two methods: Class.forName(), which allows the loading of arbitrary (restricted) classes, and invokeWithArguments, which had a problem that Oracle patched earlier. Metasploit has also released an update that allows users to test the seriousness of the problem.

According to other sources, many websites might already be hosting the malicious code. The exploit is expected to hurt computers running Java 7 or later and is harmful on all software platforms, including Mac and Linux, so it is not restricted to Windows.

Oracle has said that a patch is in the works and will be released soon, but until then it is better to be safe than sorry. Since Java 7 update 10, it is very easy to disable Java in the browser, the steps for which are available here. Java has recently come under a lot of fire for the numerous security exploits that have been surfacing. Hence, most experts are again advising users to get rid of the plugin entirely unless it is absolutely necessary.
