“Security experts from several different organizations are tracking an increase in Windows malware compromises via Java, although not from a vulnerability in Windows itself: the threat comes from a feature of Java that prompts the user to download and run a Java applet. Kaspersky said it saw a huge uptick in PCs compromised by Java exploits in December, but that the biggest change was the use of this Java feature for social engineering. Brian Krebs writes about this trend, and looks at two new exploit packs that are powered mainly by Java flaws, including one pack that advertises this feature as an exploit that works on all Java versions.”Here is some more Tech News from around the web:
- 2010 Year in Review: The Events That Made History @ X-bit Labs
- Personal Computers of 2011: Eleven Predictions @ X-bit Labs
- Reinvention and Nostalgia @ t-break
- Skype 3.0 Review – iPhone 4 @ t-break
- Alphabet – Learn and Play @ Rbmods
- Cyberlink PowerDirector 9 Ultra64 Review @ KitGuru
- Samsung CLX-3185FW Color Laser Multi-function Printer @ Overclockers Online
- Samsung NX100 Review @ TechReviewSource
- HDPlex H10.ODD Silent HTPC Chassis Giveaway @ Missingremote
- Win a HIS Radeon HD 5750 IceQ+ Graphics Card @ eTeknix
Take a moment to think before running Java apps
It is understandable that after a while we become desensitized to the pop up window asking to download a Java app to play an online game or to access a bandwidth test but you should keep in mind that is also a common vector for infection. According to Slashdot several security firms are pointing to a rise in infections via a malicious program installed via that pop up window, especially now that social networking sites are including Java. Make sure to double check those pop ups before you say OK.
