Another Java 0-day vulnerability. It's being exploited in the wild. Just like last time. Repeat after me, turn off Java in all your browsers. If you're looking for the weaponized exploit, it is available for download here: Java malware.
Read more »
The front page of Slashdot today tells us that another Java 0-day has been found. It works in Metasploit and is being used in the wild. Turn off the Java plugin now! Never turn it back on.
[article]
The analysis of this seems to point to the getField function of sun.awt.SunToolkit. See the code below for the guts ...
Read more »
import java.io.File;
class j4vaDelete
{
void deleteJohn() {
String filename="john.txt";
File file = new File(filename);
if(file.exists()){ file.delete(); }
}
// public
public static void main(String [] args)
{
j4vaDelete a = new j4vaDelete();
a.deleteJohn();
}
}
Well, it never is just that easy. What if you ...
Read more »
