Oracle’s latest Java update 1.7 for Java 7 has a security
hole that can be exploited from various operating systems and web browsers.
These attacks install the Poison Ivy Remote Access Trojan and Windows, Linux
and Mac computers running Internet Explorer, Firefox, Safari, Opera and Chrome
are at risk. These attacks are supposedly coming from China and will install a
remote administration Trojan that connects to a command and control server
located in Singapore. The Trojan will allow the execution of arbitrary code on
vulnerable systems without user interaction.
So far the attacks have not been too widespread and
Oracle has not come up with a fix and there may not be one soon enough. Oracle
releases its patches quarterly and the next one is not due until October. Many
security analysts are recommending turning of Java until the problems is
resolved and only using it in must have cases on sites you trust. You can also
go to Java’s website and click the Do I have Java? link to see what version you
have. If you have an older version be sure not to update until the next version
is out.
No comments:
Post a Comment