disable Java

Incomplete Java Patch Paved Way for Latest Zero Day Mess

The exploit targeting the latest zero-day vulnerability in the Java platform is dropping ransomware, and has been found in another exploit kit. Security experts, including U.S.-CERT last night, advise users and IT managers to disable Java on endpoints and browsers. Meanwhile, Polish security researcher Adam Gowdiak of Security Explorations, said the attacks target a pair of vulnerabilities, one of which was reported to Oracle in September and patched, apparently incompletely, in October.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.