Deja Vu All Over Again: New Java Vulnerability Found, Bypasses Built-In Security

Published: 22/11/2024   Category: security

Yet another Java bug has been discovered—and this one breaks out of the software's sandbox.

Another day, another Java vulnerability discovery: this time, it affects most versions of the ubiquitous application.
The good news is that, so far, there's no exploit code circulating -- yet. The researchers at Security Explorations who discovered the latest vulnerability say it breaks Java's security sandbox in Java versions SE 5, 6, and 7. They have reported the bug to Oracle, which they say yesterday confirmed the flaw and said it would issue a patch.
The researchers say they shared the technical details only with Oracle, and so far there's no sign of anyone else pinpointing the flaw and writing exploit code. The vulnerability allows an attacker to escape Java's sandbox and obtain user privileges. "An attacker could run, install programs, view, change, or delete data with the privileges of a logged-on user," says Adam Gowdiak, founder and CEO of Security Explorations.
While he wouldn't offer specifics on the vulnerability itself, he says that after it breaks out of the Java sandbox, the attack creates a file and executes a notepad.exe application on Windows 7.
"Recent bugs worked for Java SE 7 only. This one works on Java SE 5, 6 and 7: The impact is thus bigger," he says, noting that Oracle claims there are more than one billion desktops running Java.
Oracle in late August turned around a patch within a week of active attacks exploiting holes in Java Version 7. The Java exploit, originally used for targeted attacks, went public and began to spread like wildfire after it was added to the popular BlackHole crimeware kit, making it easily accessible to all types of cybercriminals.
Gowdiak says he's not aware of any other public exploits right now, and that if the fix gets deployed quickly, it may avert the types of attacks that happened with last month's Java exploit. "If proper security fixes are made available for the users and they are applied then we may avoid a potential crisis situation," he says.
For now, users should disable the browser's Java plug-in until Oracle issues its patch, he says.
Johannes Ullrich, of SANS Technology Institute, says users should use caution with Java. "At this point, there are no details available as to the nature of these vulnerabilities, and there is no evidence that any of these vulnerabilities are exploited. However, it is widely known that Oracle is working on a substantial backlog of these vulnerabilities. It is still recommended to use Java with caution," Ullrich said today in a post on SANS Internet Storm Center.
Some tips from SANS:
- If you don't need Java, uninstall it.
- If you do need Java, ensure that it's not automatically starting up in your browser.
- Keep your Java app up to date.
- Only keep the Java variants you need -- uninstall the rest.