Warning! Zero-Day Exploit for Java is Up and Running

(Ping! Zine Web Tech Magazine) – An impending issue is causing a stir of problems for Oracle’s  Java, the popular programming language used by browsers to work across a number of websites. Known as the “zero-day” exploit, Oracle moved to patch the vulnerability last week. However, unpatched systems could be in for an unpleasant surprise, being left vulnerable to would-be hackers.

“These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. To be successfully exploited, an unsuspecting user running an affected release in a browser will need to visit a malicious web page that leverages this vulnerability. Successful exploits can impact the availability, integrity, and confidentiality of the user’s system,” explained Oracle via a security alert previously made available.

Meanwhile, security firm FireEye indicated it had seen “over a dozen domains actively attacking systems” using the vulnerability, a number it said would likely increase.

And some patching for browsers to further protect against the issue could part of the plan, at least for Mozilla’s popular Firefox. According to a report appearing on Macworld.co.uk, the company had moved to block the plug-in from functioning with its browser if necessary.