SHARE

Java is being viewed as a security risk now a day and many attacks take place , we will not discuss any other attack of Java actually websense publish a article in which it tell that what is the problem behind Java and why so many attacks take place through Java.


The First main reason for Java is keeping up to date which is hardly impossible for a normal user because Java is updated independently from the browser. How hard is it they deciede to check?

They recently added Java version detection to ACE and pumped pumped it into the Websense ThreatSeeker® Network to get real-time telemetry about which versions of Java are actively being used across tens of millions of endpoints. Here’s what we found (you may need to click on the graph to see all the detail):



As you can see, Java is everywhere on the Map, At the time of writing (Websense Blog) the latest Java Runtime Enviornment is 1.7.17 but only about five percent of the overall mix are using it. Most versions are months and even years out of date. How does this translate into the attack space?  

Exploit kits are a very common tool for distribution of many Java-based threats. From the billions of daily web requests being classified through our network, here is the breakdown of the active browser requests that are exploitable and which exploit kits have incorporated 

Java Vulnerability  Vulnerable Versions**  Vulnerable   Exploit Kits With Live Exploits

CVE-2013-1493            1.7.15, 1.6.41                  93.77%         Cool 

CVE-2013-0431            1.7.11, 1.6.38                  83.87%         Cool

CVE-2012-5076            1.7.07, 1.6.35                  74.06%         Cool, Gong Da, MiniDuke

CVE-2012-4681            1.7.06, 1.6.34                  71.54%         Blackhole 2.0, RedKit, CritXPack, Gong Da

CVE-2012-1723            1.7.04, 1.6.32                  67.72%         Blackhole 2.0, RedKit, CritXPack, Gong Da

CVE-2012-0507            1.7.02, 1.6.30                  59.51%         Cool, Blackhole 2.0, RedKit, CritXPack, Gong Da

** All prior JRE versions below those listed are also vulnerable

How do you stop the onslaught if the patches aren’t keeping up?

  • Real-time intelligence to block lures, phishing, and other forms of social engineering coming across web, email, and mobile platforms
  • Real-time inbound intelligence to identify known or suspicious malware destinations and compromised sites 
  • Real-time outbound intelligence to identify command and control communication, bot networks, dynamic DNS requests, and fingerprinted data headed to the wrong people or places
  • Identifying malicious droppers both statically and behaviorally (via Websense ThreatScope™

Source Above

NO COMMENTS

LEAVE A REPLY

This site uses Akismet to reduce spam. Learn how your comment data is processed.