From CNet:
New malware exploiting Java 7 in Windows and Unix systems
=========================================================
Mal/JavaJar-B is a cross-platform exploit of a new zero-day
vulnerability in the latest Java runtimes.
by Topher Kessler
January 11, 2013 1:32 PM PST
A new Trojan horse called Mal/JavaJar-B has been found that exploits a
vulnerability in Oracle's Java 7 and affects even the latest version of
the runtime (7u10).
The exploit has been described by Sophos as a zero-day attack since it
has been found being actively used in malware before developers have had
a chance to investigate and patch it. The exploit is currently under
review at the National Vulnerability Database and has been given an ID
number CVE-2013-0422, where it is still described as relatively unknown:
"Unspecified vulnerability in Oracle Java 7 Update 10 and earlier allows
remote attackers to execute arbitrary code via unknown vectors, possibly
related to "permissions of certain Java classes," as exploited in the
wild in January 2013, and as demonstrated by Blackhole and Nuclear Pack."
...
Full story:
<http://reviews.cnet.com/8301-13727_7-57563567-263/new-malware-exploiting-java-7-in-windows-and-unix-systems/>
--
War doesn't determine who's right, just who's left.
--
Paul B. Gallagher
_______________________________________________
support-seamonkey mailing list
[email protected]
https://lists.mozilla.org/listinfo/support-seamonkey
