Seriously… not another Java zero-day attack?

Chicago Computer Support | Managed IT Services | Chicago IT SupportI’m not kidding. Heck, I might even be wrong. But it appears as though the administrator of a hacker forum has sold weaponized and full source code versions of the new zero-day exploit. There are reasons for doubt, however. According to Brian Krebs, the exploit was purportedly limited in its sale to only two buyers at $5000 apiece. That seems a little low, considering the rental price of the popular “blackhole” hacker toolkit is a cool $10,000 per month. Still, if it’s true, it means the latest version of Java (Release 7 update 11 as of this writing) will soon be the target of another sweeping exploit.

Krebs speculates that: a) it’s bogus, or b) all of the coverage of the last exploit has resulted in a far smaller attack surface as users have removed Java in droves. That would surely impact the value of the exploit. In any case, my earlier recommendation still stands – if you’re not sure why you have Java, just remove it. It’s easy and trivial to reinstall it later if necessary.

Contact

Thom Infotech
480 E. Roosevelt Rd. Suite 202
West Chicago, IL 60185
Phone: 630 937-1500
Fax: 630 937-1515

Open a Ticket


Need Help? The most efficient way to get the assistance you need is to submit a ticket so that we can route your request to the people who have the answers you are looking for.
Open a Ticket