Users Not Patching Java

Wednesday, March 27, 2013 @ 12:03 PM gHale


Over 93 percent of endpoints run an unpatched version of Java that cybercriminals could exploit with the Cool exploit kit, a new report said.

The report draws on data collected from tens of millions of endpoints by Websense’s Advanced Classification Engine (ACE). That data was then fed into the Websense ThreatSeeker Network to produce real-time telemetry on which Java versions are in use and which of them are vulnerable.


According to the security firm, only about 5 percent of web browser users run the latest Java Runtime Environment, JRE 7 update 17.

In addition, 78.86 percent of users still haven’t migrated to Java 7 at all and are running Java 6 or earlier, for which Oracle has ended public updates, which leaves their systems highly exposed to attack.

“Grabbing a copy of the latest version of Cool and using a pre-packaged exploit is a pretty low bar to go after such a large population of vulnerable browsers,” said Charles Renert, vice president of Websense Security Labs.

“Most browsers are vulnerable to a much broader array of well-known Java holes, with over 75 percent using versions that are at least six months old, nearly two-thirds being more than a year out of date, and more than 50 percent of browsers are greater than two years behind the times with respect to Java vulnerabilities.”

Besides the exploit targeting Java 7 update 15, which affects 93 percent of the browser population, Cool also contains exploits targeting Java 7 update 11 and Java 7 update 7, to which 84 percent and 74 percent of endpoints, respectively, are vulnerable. The reach of each exploit is cumulative: a flaw fixed in a given update is present in every earlier release, so an endpoint that has fallen behind by several updates is open to every exploit packaged for the updates it missed.

Exploits targeting Java 7 update 6 and update 4 have meanwhile been incorporated into other exploit kits, including Blackhole 2.0, RedKit, CritXPack and Gong Da. Nearly three quarters of the endpoints analyzed by Websense could be compromised by these exploit kits.
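The practical check that follows from these figures is an inventory: for each endpoint, read the installed Java version and compare it against the update each kit's exploit targets. The Python script below is an added example, not code from Websense or from the report, that does exactly that counting over a constructed sample inventory. It assumes the report's counting rule: a Java 7 install at or below the targeted update is exposed, and so is any pre-7 install (every per-exploit figure above exceeds the 78.86 percent still on Java 6 or earlier, so the report evidently counts those as exposed). The kit names and update thresholds are the ones given in the article; the version strings in `SAMPLE_INVENTORY` are made up for illustration.

```python
import re

# Legacy Java version string as printed by `java -version`, e.g. 1.7.0_15.
# "1.7.0_15" is Java 7 update 15; "1.6.0_43" is Java 6 update 43.
# Matches either a bare version or the full line: java version "1.7.0_15"
_LEGACY_VERSION = re.compile(r'\b1\.(\d+)\.\d+(?:_(\d+))?')


def parse_java_version(text):
    """Return (major, update) from a java -version string, or None if unparseable."""
    m = _LEGACY_VERSION.search(text)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2) or 0)


def exposed(version, threshold):
    """True if an endpoint on `version` is hit by an exploit packaged for
    Java 7 update `threshold`.

    Assumed counting rule (mirrors the report's figures): every Java 7
    release at or below the targeted update is exposed, and so is every
    pre-Java 7 release.
    """
    major, update = version
    if major < 7:
        return True
    return major == 7 and update <= threshold


# Exploit kits and the Java 7 update each packaged exploit targets (from the article).
KIT_THRESHOLDS = {
    "Cool (7u15)": 15,
    "Cool (7u11)": 11,
    "Cool (7u7)": 7,
    "Blackhole 2.0 / RedKit / CritXPack / Gong Da (7u6)": 6,
}

# Constructed sample inventory: one `java -version` result per endpoint.
SAMPLE_INVENTORY = [
    '1.7.0_17', '1.7.0_17',                      # fully patched at the time of the report
    'java version "1.7.0_15"', '1.7.0_13',       # hit by the Cool 7u15 exploit only
    '1.7.0_11', '1.7.0_10', '1.7.0_9',           # also hit by the 7u11 exploit
    '1.7.0_7', '1.7.0_6',                        # also hit by the 7u7 exploit
    '1.6.0_43', '1.6.0_27', '1.6.0_20', '1.5.0_22',  # Java 6 and earlier: exposed to all
    'not installed',                             # unparseable, reported separately
]


def summarize(version_strings, kits=KIT_THRESHOLDS):
    """Return ({kit: percent of parseable endpoints exposed}, count of unparseable)."""
    parsed = [parse_java_version(s) for s in version_strings]
    known = [v for v in parsed if v is not None]
    unknown = len(parsed) - len(known)
    if not known:
        return {}, unknown
    pct = {
        name: round(100.0 * sum(exposed(v, t) for v in known) / len(known), 1)
        for name, t in kits.items()
    }
    return pct, unknown


if __name__ == "__main__":
    percentages, unparseable = summarize(SAMPLE_INVENTORY)
    for kit, pct in percentages.items():
        print(f"{pct:5.1f}% of endpoints exposed to {kit}")
    print(f"{unparseable} endpoint(s) could not be classified")
```

Feeding the script real data is a matter of collecting the first line of `java -version 2>&1` from each endpoint; the percentages it prints are the same kind of cumulative figures the report gives, which is why the share exposed to the 7u15 exploit is always at least as large as the share exposed to the older ones.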
