PC security flaw leaves a billion users at risk of cyber attack

Posted: September 26, 2012 in Social networking
Tags: , ,


  • Polish security researchers have revealed a security flaw they claim may affect up to a billion PC users (Picture: Fotolia)

    Yahoo! News – Polish security researchers have revealed a security flaw they claim may affect up to a billion PC users (Picture: Fotolia)

Polish security researchers have uncovered a security vulnerability which they claim leaves up to a billion PC and Mac users at risk.

The vulnerability is in the Java software used with web browsers such as Firefox, Chrome, Safari and Internet Explorer.

The bug allows cyber criminals to hijack PCs running Java, and potentially install malicious software at will. It is currently ‘unpatched’ which means that anyone using Java – used commonly on the web – is potentially at risk.

At present, there is no downloadable ‘fix’. Users can stop their browser using Java, or uninstall it, but this may cause some websites and services to stop working.

[Related: Scientists design clock that will keep time after the universe ends ]

The vulnerability affects all versions of Java software.

The researchers, from Security Explorations, managed to bypass ‘sandbox’ protections to take control of PC systems.

Their findings have been forwarded to Oracle, makers of Java.

“The impact of this issue is critical – we were able to successfully exploit it and achieve a complete Java security sandbox bypass,” says Adam Gowdiak, who posted the news to the Full Disclosure security mailing list. “One billion users of Oracle Java SE software are vulnerable to yet another security flaw.”

So far, no cyber criminals have taken advantage of the flaw. Earlier this year, criminal gangs took advantage of previous ‘exploits’ in Java to mount cyber attacks.

Norton’s senior manager for security response, Orla Cox, said that a far Eastern gang of criminals called ‘Nitro’ used a previous Java exploit to mount attacks.
Originally from uk.news.yahoo.com

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s