Slashdot Mirror

← Back to Stories (view on slashdot.org)

First Java 0-Day In 2 Years Exploited By Pawn Storm Hackers

Posted by timothy on Sunday July 12, 2015 @11:26PM from the live-dangerously dept.

An anonymous reader writes with Help Net Security's report that a new zero-day vulnerability in Java is being exploited, quoting from which: The flaw was spotted by Trend Micro researchers, who are closely monitoring a targeted attack campaign mounted by the economic and political cyber-espionage operation Pawn Storm. The existence of the flaw was discovered by finding suspicious URLs that hosted the exploit. The exploit allows attackers to execute arbitrary code on target systems with default Java settings. Until a patch is made, disabling Java is the recommended course of action.

3 of 122 comments (clear)

Min score:

Reason:

Sort:

There hasn't been a zero day? by Anonymous Coward · 2015-07-12 23:30 · Score: 5, Funny

There hasn't been a zero day for Java in two years?
If that's true, that sounds like the real news here.
Re:Here we go again. by Big+Hairy+Ian · 2015-07-13 00:01 · Score: 4, Funny

I was just going to suggest everyone just change their brand of coffee! Problem solved

--
Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.
Re:Disable Java == Broken Websites by Anonymous Coward · 2015-07-13 00:11 · Score: 2, Funny

The PROBLEM with disabling Java, is that a significant majority of sites use it heavily
Uh, really? Can you name one website that uses Java heavily?
Here is one: Verify your Java Version