Featured Articles

LG G Watch R ships in two weeks

LG G Watch R ships in two weeks

The LG G Watch R, the first Android Wear watch with a truly round face, is coming soon and judging by…

More...
LG unveils NUCLUN big.LITTLE SoC

LG unveils NUCLUN big.LITTLE SoC

LG has officially announced its first smartphone SoC, the NUCLUN, formerly known as the Odin.

More...
Microsoft moves 2.4 million Xbox Ones

Microsoft moves 2.4 million Xbox Ones

Microsoft has announced that it move 2.4 million consoles in fiscal year 2015 Q1. The announcement came with the latest financial…

More...
Gainward GTX 970 Phantom previewed

Gainward GTX 970 Phantom previewed

Nvidia has released two new graphics cards based on its latest Maxwell GPU architecture. The Geforce GTX 970 and Geforce GTX…

More...
EVGA GTX 970 SC ACX 2.0 reviewed

EVGA GTX 970 SC ACX 2.0 reviewed

Nvidia has released two new graphics cards based on its latest Maxwell GPU architecture. The Geforce GTX 970 and Geforce GTX…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Tuesday, 14 May 2013 11:46

Java fast becoming an attack vector of choice

Written by Nick Farrell



Holy art thou

Microsoft research is showing that there has been a spike in malware targeting Java vulnerabilities since the third quarter of 2011. Much of the activity has focused on vulnerabilities which are already patched. This suggests that attackers are hitting vulnerabilities that are in multiple versions of Java, rather than just one specific version. Jeong Wook Oh of Microsoft said that in Q3 and Q4 of 2012 two new vulnerabilities, CVE-2012-4681 and CVE-2012-5076, were found. 

“But we didn’t observe any prevalence of Java malware abusing these newer vulnerabilities above malware abusing the older Java vulnerabilities, CVE-2012-0507 and CVE-2012-1723. The reason behind this might be that only Java 7 installations were vulnerable to CVE-2012-4681 and CVE-2012-5076, whereas CVE-2012-0507 and CVE-2012-1723 also target Java 6,” he said.

As there are still many users that use Java 6, the malware writers might have tried to target Java 6 installations by including older vulnerabilities in the exploit package. During 2012 there were two kinds of Java vulnerabilities one applied to both multiple versions of Java including Java 6 and 7, and the others only applies to Java 7.

“So when new vulnerabilities that are only applicable to Java 7 are discovered, the attacker’s strategy was usually to combine it with older vulnerabilities that cover more versions of Java. In that way, they could achieve more coverage than just using a single exploit in one package,” Oh said.

Of the four Java vulnerabilities from 2012 only one of which was a zero day vulnerablity. The other three flaws already had patches available when the malware targeting them appeared. The warning here is to install patches as soon as they come out.

Nick Farrell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments