Java 0-Day Exploit CVE-2013-0422

The infamous exploit packs Blackhole and Nuclear Pack now feature a new zero-day Java exploit targeting the vulnerability CVE-2013-0422. The latest version of Java, Java 7 Update 10, is affected.

Malware spreading through drive-by-downloads often utilizes exploit packs, which are able to serve malware variants without any user interaction, as opposed to other techniques relying on social engineering.

While users of ESET security products are protected from this threat (we detect it as Java/Exploit.CVE-2013-0422), we do concur with the advice given by Brian Krebs to disable Java if not needed, so as to minimize the potential attack vectors used by malware.

Java 0-days are nothing new under the sun; a past example is mentioned in the blog post by Stephen Cobb. Java 7 Update 10, however, considerably simplifies the process of disabling Java in browsers, and we strongly advise users to keep their software updated to the latest versions.


Robert Lipovsky
Malware Researcher

