Security researchers have discovered that exploit kits are being updated with a recently discovered Java vulnerability, enabling the flaw to be widely exploited.
Researchers from M86 Security found that the Blackhole and Phoenix exploit kits are now capable of attacking systems using the CVE-2011-3544 vulnerability.The flaw, a design error in Java, allows untrusted code to be executed at an elevated level of privileges, according to M86 Security researcher Daniel Chechik.
Rhino is a Javascript engine that runs under the Java Virtual Machine and can interact with Java applets, according to Chechik, who also confirmed that M86 Security had found that the exploit has already been added into Blackhole version 1.2.1 and Phoenix version 3.0..
Chechik said it is unusual for an exploit to make its way into such kits so quickly as they normally rely on older bugs that have already been patched, depending upon system administrators’ laxity to ensure a ready supply of vulnerable systems.
In this case, however, the exploit kits were updated with the CVE-2011-3544 flaw more quickly and the updated version of Blackhole was released even before the flaw was patched.
“The vulnerability is cross-platform and doesn’t require heap spray or buffer overflow techniques. That makes it very effective and therefore authors of exploit kits rushed to add it to their kits,” said Chechik. “The concerning aspect is that the Blackhole exploit kit was updated even before a patch was released by the vendor.”
A patch has now been released by Oracle, but systems are still at risk until the patch has been applied.
“We highly encourage users to keep their Java updated, or remove it if it is not needed,” Chechik wrote. “A patch for this Java vulnerability is available by now: Look for Java 6 Update 29, or Java 7 Update 1.”
Thoma Bravo agrees to acquire Darktrace for $5.32 billion in cash, delivering some welcome news…
Customer adoption of AI services embedded in cloud services continues to deliver results for Microsoft,…
TikTok's 'secret source' algorithm is so core to ByteDance, it would rather shut down US…
After relocating from California to Texas in 2020, Oracle's Larry Ellison now reveals plan to…
Share price hit after Meta admits heavy AI spending plans, after posting strong first quarter…
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…