Wednesday, 29 August 2012

New Java Zero-Day Exploit Added to Metasploit and BlackHole Exploit Kit


New Java Zero-Day Exploit Added to Metasploit and BlackHole Exploit Kit


Java zero-day exploit added to Metasploit and BlackHole

Soon after the world learned about the existence of a new zero-day that affects all the latest Java run-time environment (JRE) versions, researchers started analyzing the exploit, trying to figure out a solution to protect computers against it.
Security experts from Deep End Research have come up with a patch that they’re willing to share with anyone who’s in charge of administrating company networks. In the meantime, until Oracle comes up with a permanent patch, users are advised to disable Java in their web browsers. 

In case they need Java, internauts are recommended to use two different browsers, but only one of them with Java enabled. The one with Java should be utilized for operations that require the component, and the browser without Java should be used for regular tasks, such as reading emails (the malicious exploit might arrive via email).

These pieces of advice are very important for the following reasons: the exploit has become public and it has been added to Metasploit. Furthermore, according to Brian Krebs, it’s about to be added to the infamous BlackHole exploit kit as well.

The developer of the BlackHole has told Krebs that the price for such an exploit would be around $100,000 (€80,000).

There is one more noteworthy thing about the new exploit. According to Deep End Research, it doesn’t affect Chrome, but Rapid 7 experts – the ones who contributed to adding the exploit to Metasploit – claim that on Windows XP it works not only on Internet Explorer and Mozilla, but also on Google’s web browser.

“Don't know, maybe Rapid 7 'improved' the exploit and you can send them your thanks if you wish, but the original exploit does not work on Chrome,” Andre M. DiMino and Mila Parkour of Deep End Research wrote in a post.

No comments:

Post a Comment