Seriously… not another Java zero-day attack?

West Chicago Computer Support | Managed IT Services | West Chicago IT SupportI’m not kidding. Heck, I might even be wrong. But it appears as though the administrator of a hacker forum has sold weaponized and full source code versions of the new zero-day exploit. There are reasons for doubt, however. According to Brian Krebs, the exploit was purportedly limited in its sale to only two buyers at $5000 apiece. That seems a little low, considering the rental price of the popular “blackhole” hacker toolkit is a cool $10,000 per month. Still, if it’s true, it means the latest version of Java (Release 7 update 11 as of this writing) will soon be the target of another sweeping exploit.

Krebs speculates that: a) it’s bogus, or b) all of the coverage of the last exploit has resulted in a far smaller attack surface as users have removed Java in droves. That would surely impact the value of the exploit. In any case, my earlier recommendation still stands – if you’re not sure why you have Java, just remove it. It’s easy and trivial to reinstall it later if necessary.