Java ‘zero day’ vulnerability exposed

A ‘zero day’ security vulnerability in the Java application platform is being used in targetted attacks, according to security vendor FireEye.

Writing earlier this week, FireEye security researcher Atif Mushtaq said that the company had been spotted "in the wild".

In the attacks that FireEye identified, the exploit is used to install a ‘dropper’ – a piece of software – which creates a connection to a command and control server. The command and control server has a Singaporean IP address.

Yesterday, the company said that since exposing the exploit it had begun to see evidence of a "large scale attack".

"So far we have observed over a dozen domains actively attacking systems with this exploit, and the count is increasing rapidly," wrote Mushtaq. "After seeing the reliability of this attack, I have no doubt in my mind that within hours the casualties will be in the thousands."

Mushtaq called on Oracle, which governs the Java project, to issue a security patch. "It’s very disappointing that Oracle hasn’t come forward and announced a date for an emergency update patch," he said.

Oracle has yet to comment on the vulnerability.

Mushtaq recommended that users uninstall the Java Runtime Environment from their browers, or use iOS devices that are not affected by the exploit.

Earlier this year, UK builders’ merchant Travis Perkins adopted FireEye technology after it identifed what appeared to be a targetted attack. The attack, which was in fact thwarted by the company’s web filter, would have tried to install malware that its anti-virus protection would not have identified.

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics