[if lt IE 9]> Place this render call where appropriate

Security Experts Advise Java Disabling, New Flaw Discovered

By Johnny Wills email: j.wills@mobilenapps.com | Jan 11, 2013 07:59 PM EST

Share This Story

  • Print
  • Email

Security advisers are warning PC users to disable Java on their machines, following detection of another zero-day vulnerability that hackers are actively exploiting to attack computers.

Java is a computer language running on more than 850 million computers worldwide, allowing Web developers to design Web sites and applications accessible on any type of computer.

Follow us

According to a report by ComputerWorld, hackers are actively using the Java exploits to install malicious programs in drive-by download attack on the computers of users who visit infected Web sites.

A French malware researcher, going by the moniker Kafeine, first reported the exploit which was later confirmed by security company AlienVault Labs. In a blog post on Jan. 10, Kafeine said that the latest version of Java is exploited on a Web site receiving "hundreds of thousands of hits daily".

"We can confirm that this is a new vulnerability. We reproduced the exploitation mechanism on Java 1.7 Update 9 and Update 10. Other versions may be vulnerable as well, we're currently analyzing whether other older updates are vulnerable," said Bogdan Botezatu, a senior e-threat analyst at antivirus vendor Bitdefender, in an e-mail to ComputerWorld.

Bitdefender researchers traced the attacks back to Jan. 7. However, some other researchers claim that the attacks started on either Jan. 2 or Jan. 3.

Security experts warned that the risk is high as developers of popular exploit toolkits, such as Blackhole Exploit kit and Redkit, have added the exploit. The exploit toolkits are widely used by hackers to exploit flaws.

"Java is a mess. It's not secure. You have to disable it," said Jaime Blasco, Labs Manager with AlienVault Labs.

Many security experts recommended disabling Java on computer machines. Disabling the popular software could make some Web sites and Web applications inaccessible to users. However, no security update is available at the moment and disabling Java seems to the best option, until a patch arrives.

Get the Most Popular Mobile&Apps Stories in a Weekly Newsletter

© 2014 Mobile & Apps All rights reserved. Do not reproduce without permission.

Join Our Conversation

Smartphones
Gmail 5.0 for Android reportedly aims to handle all emailGmail 5.0 for Android leaks online, reportedly aims to handle ALL email
Dropbox for iOS gets Touch ID support with latest update – Available now
Apple Pay mobile payment system rolling out to iPhone 6, iPhone 6 Plus
Nexus 6, Nexus 9, Nexus Player on Google Play: Available models, prices & shipping estimates
Tablet / Laptop / PC
Dell Venue 7 and Venue 8Dell unveils Venue 7 and Venue 8 Android 4.3 Jelly Bean tablets
Retina iPad Mini facing delays, may not launch until early next year
Refurbished 128GB iPad with Retina Display now available on the Apple Online Store
Samsung Galaxy Note 10.1 – 2014 Edition: Pricing and availability now official
Gadgets
Amazon LogoAmazon reportedly to launch ‘Firetube’ set-top box before 2013 holidays
Samsung Galaxy Note 3 and Galaxy Gear India launch: Pricing and availability
Samsung Galaxy Gear Android smartwatch now up for pre-order in Canada
Samsung Galaxy Gear 2 reportedly in the works already, may debut at CES or MWC 2014
OS / Software
HTC LogoHTC reportedly considering Android/Windows Phone dual-booting smartphone as Microsoft pushes for deeper Windows mobile integration
iOS 7 Chrome Incognito mode leaks private searches due to bug
Sprint HTC One Android 4.3 Jelly Bean already rolling out, AT&T, T-Mobile & Verizon to follow
Microsoft Windows 8.1 now available for pre-order
Internet / Social Media
Google DowntimeGoogle blacks out for two minutes, causes 40 percent drop in world’s Internet traffic
Xbox Music web player is live and ready for Xbox Music Pass subscribers
Facebook Android app collected phone numbers even if users never logged in
Firefox 22 brings support for web video calls, 3D gaming, and Unreal Engine 3
What's App
Flipboard for Windows PhoneFlipboard for Windows Phone finally available, but requires 1GB of RAM (VIDEO)
Vine gets major update, lets you upload previously-shot videos & more (VIDEO)
BlackBerry Messenger (BBM) finally hits Windows Phone – Available as a free download now
Instagram releases Bolt ephemeral messaging app in select markets to challenge Snapchat
Copyright © 2014 Mobile & Apps All rights reserved. mobilenapps
Real Time Analytics