New Zero-Day attacks for Java and Flash

Share it:
It was just a week ago that couples of Zero-day vulnerability was disclosed in Adobe flash software, which was revealed from the leaked 400 GB dump taken from Hacking Team, the Italian spyware developer that was breached eight days ago.

As the vulnerability was addressed on the latest updates of the software, but this will not going to give a deep relaxed sleep.

This is because another alarming Zero-day vulnerability had been discovered on the Adobe Flash and Oracle's Java software framework. The vulnerability is being raised as critical as that could be used to surreptitiously install malware on end-user computers were revealed in Flash and Java.

The currently unpatched vulnerabilities reside in the Windows, Mac OS X, and Linux versions of the most recent versions of Flash and allow attackers to remotely execute malicious code.

The Java vulnerability is significant because attackers are actively exploiting it in an attempt to infect members of NATO, researchers from security firm Trend Micro warned in a blog post published Sunday. They said the attack involves a separate Windows vulnerability indexed as CVE-2012-015, which Microsoft addressed in 2012 in bulletin MS12-027. Oracle developers are working on a fix, the blog post said.

The exploitation of the vulnerability is not much hard, as all the technical details and Proof-of-Concepts can be found on the leaked file of the Hackers Team. 

May the patches of the vulnerability will be addressed till next week, but it is recommended to all users to limit the use of the adobe flash or just disabled it.
Share it:

Adobe

Java

News

Security

Vulnerability

ZeroDay Bug

Post A Comment:

0 comments:

Follow by Email