Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.


CVE-2012-1723 tagged in these posts

New spear of Black Hole exploit kit targets Java Vulnerability CVE-2012-1723

Posted: 15 Jul 2012 01:00 PM | uwang | no comments

In early July, an update was issued to the Blackhole exploit kit targeting Java vulnerability CVE-2012-1723. The vulnerability can be used to escape the JRE (Java Runtime Environment) sandbox and load additional Java classes in order to perform malicious actions. Details about the vulnerability are here. Many of the websites used in this attack that are currently detected by the Websense® ThreatSeeker® Network are newly registered websites. Websense customers are protected from this threat by our Advanced Classification Engine (ACE), which employs multiple methods to detect exploit kits generically and specifically in real time.

Looking at the past three years, the Java platform has been one of the most popular targets for attackers. Java was designed to be portable, meaning it works on virtually all computer operating systems, such as Windows, Mac, and Linux. We still remember the Mac OS malware Flashback, which infected over 600,000 Apple computers worldwide in April 2012 using Java vulnerability CVE-2012-0507. Even now, we still see a lot of exploit kits that use CVE-2012-0507.

Here are the Java platform vulnerabilities used in the wild since 2010:

CVE-2010-0094, CVE-2010-0840, CVE-2010-0842, CVE-2010-0844, CVE-2010-3552, CVE-2010-0886, CVE-2010-4452, CVE-2011-3521, CVE-2011-3554, CVE-2012-0507, CVE-2012-1723

Although Oracle released a patch in June for the latest vulnerability, cyber criminals are targeting machines that have not yet been updated. We recommend updating the Java platform, if you have it installed, as soon as possible. Also, consider disabling the Java plugin in your Web browser to reduce the risk if you do not use it often.

