zero-day attacks

Chorus Grows Louder to Disable Java 7 After Exploit Hits Mainstream

More security researchers are recommending users disable the current version of Java after zero-day exploits gained traction in the Web world.Patrick Runald, director of security research for Websense, told PC World today that his team had uncovered more than 100 infected domains – a figure expected to rise sharply after the exploit code for the Java vulnerabilities was added in recent days to the popular hacker tool Blackhole.

China Hardest Hit by Latest IE Malware Attacks

Computer users in China and Korea were the hardest hit by the latest wave of zero-day malware attacks targeting a flaw in the Internet Explorer browser, according to data released by the Microsoft Malware Protection Center (MMPC).

Despite the fact that the majority of malware exploits use JavaScript to trigger an attack in Adobe’s PDF Reader product, the company says it’s impossible to completely remove JavaScript support without causing major compatibility problems.In a Q&A (listen to podcast) with Threatpost editors Dennis Fisher and Ryan Naraine, Adobe security chief Brad Arkin says the removal of JavaScript support is a non-starter because it’s an integral part of how users do form submissions.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.