Stay updated on the latest news from
the makers of Nexus
New Java Attack Introduced Into Cool Exploit Kit
by Ali Loney on November 12, 2012

Tags: News, security, AppSec Spotlight

Threatpost – (International) New Java attack introduced into Cool Exploit Kit. A new exploit was found in the Cool Exploit Kit for a vulnerability in Java 7 Update 7 as well as older versions, a flaw patched by Oracle in Java 7 Update 9. Cool Exploit Kit was discovered in October and is largely responsible for dropping the Reveton ransomware. A new Metasploit module was introduced November 11 by a researcher, according to a frequent Metasploit contributor. He suggested it is likely the exploit has been in the wild for a period of time and has only now been integrated into an exploit kit. The new Java exploit, a sandbox escape, targets vulnerability CVE-2012-5076 that was repaired in Oracle’s October 2012 Critical Patch Update. Attackers can run arbitrary code on compromised machines, the Metasploit contributor said.


Recent Posts

Posts by Topic

see all

Get Blog Updates