Jump to content

Beware of fake Java updates..


ShyWriter

Recommended Posts

.

Beware of fake Java updates

New malware poses as Java updater to fix recent vulnerabilities.

by Topher Kessler

January 22, 2013 9:30 AM PST

JavaUpdateIconX_90x90.png

Following recent security vulnerabilities in Java, malware developers are taking a new approach to exploit the Java platform by issuing false updates that pose as legitimate updates for the runtime.

The latest version of the Java runtime that fixes recent vulnerabilities is update 11, and Kaspersky labs is reporting that a new malware is out that poses as "Java Update 11." The malware is packaged in a Java archive file called "javaupdate11.jar" that contains two Windows-based executables called "up1.exe" and "up2.exe." When installed the programs open a back door to a command and control server.

The malware apparently is not exploiting any vulnerabilities in Java, but is merely taking advantage of the current state of Java to trick users into running the fake installer. (More...)

Read more on this malware at: http://reviews.cnet.com/8301-13727_7-57565035-263/beware-of-fake-java-updates/

(with thanks to @noknojon)

Steve

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.