Java Flaws Becoming Serious Issue
Java exploitation has been a problem for years. Many of the issues encountered with Java exploitation are usually because versions are out-of-date.
“As the Advanced Malware Analysts administrator/group owner, I see a lot of issues with people not updating Java, Flash Player, and Reader. These attack vectors were used 5 or so years ago, up until today. Still a complete problem. Problem is, people do not use great tools like Secunia PSI or the auto-update feature in each of the plugins’ control panels,” says Jay Pfoutz – administrator and group owner of the Advanced Malware Analysts. The Advanced Malware Analysts are a group of malware analysts whom volunteer on tech support forums across the web to assist in malware removal for free.
Exploitation frequently happens when people fail to update their plugins in a timely manner. Java plugin problems lately have increased because attackers are now targeting Java a lot more.
Here is how to check for the latest updates for Java (should be done weekly):
- If using Mozilla Firefox, Plugin Check is the easiest way.
- Click Start, navigate to Control Panel. Look for Java in the list, and double-click on that. Click the “Update” tab, and then click the “Check for Updates Automatically” check box if you want Java to search for updates automatically. Select how you want Java to notify you about available updates. Or you can hit the Update Now button. More info here
- Verify Java Version Online
- Microsoft: Update Java or kill it (zdnet.com)
- Java vulnerabilities increasingly targeted by attackers, researchers say (infoworld.com)
- New Mac malware uncovered as Mountain Lion is released (apple24seven.wordpress.com)