A Tidal Wave of Java Flaw Exploitation
tsu doh nimh writes "Microsoft warned today that it is witnessing a huge spike in the exploitation of Java vulnerabilities on the Windows platform, and that attacks on Java security holes now far outpace the exploitation of Adobe PDF bugs. The Microsoft announcement cites research by blogger Brian Krebs, who has been warning for several months that Java vulnerabilities are showing up as the top moneymakers for those peddling commercial crimeware exploitation kits, such as Eleonore, Crimepack and SEO Sploit Pack."
Several days ago, Oracle released a patch that fixed 29 Java security flaws.
Anyone who would deploy a JVM on Windows instead of Linux is probably writing crap code in the first place.
"Seven years of college down the drain. Might as well join the f-ing Peace Corps." - John 'Bluto' Blutarsky
And when you install Java you get the Yahoo toolbar, as well! (Unless you uncheck it.) It's like Sun (or Oracle, I don't know which) sat around a table and brainstormed ways to make Java appear as malware-ific as possible.
Great job guys. You're lucky Flex's mxmlc.exe (and now Minecraft) require Java or I'd have no use whatsoever for your tainted runtimes...