FireEye Uncovers Yet Another Java Zero Day
Disable it from automatically playing in your browser, cancel updates, lock up the anti-virus and batten down any hatches that might have been left open, you know the drill people. Yet again Java has opened up everyone’s computers to another piece of remote execution malware, one which is capable of overtaking a significant chunk of your spare memory if left undefended.
We only have broad details to work with for the time being, and FireEye refused to get down to specifics when it came to where the holes had been created. They did elaborate on its pathway of access however.
“Not like other popular Java vulnerabilities in which [the] security manager can be disabled easily, this vulnerability leads to [an] arbitrary memory read and write in [the] JVM [Java virtual machine] process.”
If successful the exploit can open up a channel to download its malware package, after which it takes the normal routes to the root drive and the rest is repeated history from there.”Upon successful exploitation, it will download a McRAT executable from same server hosting the JAR file upon execution”, said Kindlund and Lin. “McRAT is a remote access Trojan (RAT) designed to download further malware onto an infected PC. Java is widely known among the security communities as being one of the least stable pieces of software around when it comes to vulnerabilities, and Oracle has never been too upfront about their weaknesses which makes the process of improving all that much more difficult.”
Oracle has denied a majority of the allegations against them, but admit there are still areas of the software that could use ‘cleaning up’. Between the two bugs found, Oracle has only confirmed what Gowdiak calls “issue 55”, but no details about the vulnerability have been released to the public. He disagreed with the assessment, stating that a problem was found just last week which reflects the same issues that many before it have dealt with, and should not be ignored by the entities responsible.