Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

Latest Blog Posts

View all posts > 

CVE-2012-4681 tagged in these posts

Fake ‘Amazon order’ email exploits recent Java vulnerability CVE 2012-4681

Posted: 02 Sep 2012 09:44 PM | Xue Yang | 1 comment(s)

Following our recent blog posts regarding the propagation of Java vulnerability CVE-2012-4681 (New Java 0-day used in small number of attacks) and its subsequent inclusion in the infamous Blackhole Exploit Kit (New Java 0-day added to Blackhole Exploit Kit),  the Websense® ThreatSeeker® Network has detected a new malicious email campaign purporting to be an order verification email from Amazon directing victims to a page containing the recent Java exploit.



Filed under: , , ,

Oracle release Java 1.7.0_07 to fix CVE-2012-4681

Posted: 30 Aug 2012 07:26 PM | Patrik Runald | no comments

Oracle did what all of us were hoping they would do - release an out-of-band patch for the latest Java zero-day vulnerability. The new version of Java, 1.7.0_07 and 1.6.0_35, both fix the vulnerabilities mentioned in CVE-2012-4681 that we've blogged about here and here . We have tried the patch and...


Filed under: