CTA: New Java Zero-Days

• Disable Java in Internet Explorer
• Disable Java in Firefox
• Disable Java in Chrome
• Disable Java in Safari
• Disable Java in Opera

DETAILS: Oracle has yet to release any official statement, but a webpage has already been dedicated on their website to this issue, documented as CVE-2013-1493.

Fireeye as well as other sources confirm the exploit is not very reliable, and oftentimes results in a crash of the Java Virtual Machine (JVM).  This same vulnerability has also been attributed to the Bit9 security breach discovered in January by the company, where the company’s security certificates were stolen.In addition, Polish researchers from a firm known as Security Explorations have also discovered two separate zero-days documented by Oracle as Issue 54 and 55.  Both of these have been submitted to Oracle, but Issue 54 was confirmed by the company as “allowed behavior”.

Security Explorations records communication with Oracle concerning exploits.

It’s been a pretty bad start for Java this year, with Oracle addressing over 50 security holes released in two patches.  With a long history of the software’s exploitation and no foreseeable end, consumers might want to consider discontinuing the use of java altogether unless absolutely necessary.

Joshua Cannell is a Malware Intelligence Analyst at Malwarebytes where he performs research and in-depth analysis on current malware threats. He has over 5 years of experience working with US defense intelligence agencies where he analyzed malware and developed defense strategies through reverse engineering techniques.  His articles on the Unpacked blog feature the latest news in malware as well as full-length technical analysis.  Follow him on Twitter @joshcannell