Java Hack Will Bring About the End of the World

By Gary Cutlack on at

A rather huge exploit has been used to attack users of Java, which has been found to operate within browsers on PCs, OS X and even the more robust Ubuntu. Everything that runs Java is now vulnerable.

The browser-based hack has been proven to work when using version 1.7 of the Java Runtime Environment, which is the most recent version of the commonplace tool.

Security researchers at FireEye uncovered the hack, which uses a web page to deliver a payload to a user's computer. Currently it's only been spotted working on Windows machines in the wild, as the hack's delivering a PC executable file, although boffins at Metasploit have examined the code and found it could easily offer infection injections to anyone using the Java browser plugin on Safari in OS X 10.7.4, or even versions of Firefox on Ubuntu Linux 10.04.

There's no patch out there yet, but it has been given a name -- CVE-2012-4681 -- and is therefore on the official danger list. [FireEye via The Register]

Image credit: Hacker from Shutterstock