Sun Pushes Emergency Java Patch
Trailrunner7 writes "In a sudden about-face, Sun has rushed out a Java update to fix a drive-by download vulnerability that exposed Windows users to in-the-wild malware attacks. The patch comes less than a week after Sun told a Google researcher it did not consider the issue serious enough to warrant an out-of-cycle patch and less than a day after researchers spotted live exploits on a booby-trapped Web site. The flaw, which was also discovered independently by Ruben Santamarta, occurs because the Java-Plugin Browser is running 'javaws.exe' without validating command-line parameters. Despite the absence of documentation, a researcher was about to figure out that Sun removed the code to run javaws.exe from the Java plugin. The about-face by Sun is another sign that some big vendors still struggle to understand the importance of working closely with white hat researchers to understand the implications of certain vulnerabilities. In this case, Google's Tavis Ormandy was forced to use the full-disclosure weapon to force the vendor into a proper response."
They assume white hats are smarter and faster because they have jobs and are being paid. What they don't realize is that black hats also have "jobs" and are being paid.
Google's Super Secret Search Algorithm: SELECT @search_results FROM internet WHERE @search_results = 'good'
there is no company or organization called "sun" ... there is only oracle now.
Due to development constraints, I run JDK 5 Update 22 on my system.
As of Nov 3rd 2009, Update 22 is the last public release of version 5.
I used the exploit demo link to see if it is also vulnerable, and sure enough it attempted to launch a program.
So now the still-quite-large-installed-base of 1.5.0_x users are screwed!!!
Fortunately though, my AVG quickly blocked it, reporting it as "Exploit JSE WebStart (type 1067)"