The recently discovered potentially apocalyptic Java exploit has been spreading, with the hack now part of a commonplace malware bundle that's doing the rounds on the hacking scene.
According to security researchers at Websense, the Java bug is now part of the Blackhole hacking kit, which is a kind of off-the-shelf collection of malware delivery tools popular with those that want to gain illegal access to the computers of others via a scattergun, see-what-hack-works approach.
Meanwhile, Mozilla has taken the bold step of telling all Firefox users to disable Java while Oracle casually develops its fix, with the Firefox maker working on adapting its code so that all users running the exploitable version of Java will have the plugin automatically disabled for them.
Oracle, maker of Java, says its next security update for Java is due on October 12th, which gives the malware world a rather large window of opportunity to wreak havoc in the mean time. [MacWorld]