Following an attack on a smaller number of corporate Macs that exploited a flaw in the Java browser plug-in, researchers from security firm FireEye are warning users of yet another new Java zero-day vulnerability. According to a blog post published yesterday (via IDG), browsers running Java v1.6 Update 41 and Java v1.7 Update 15 are currently vulnerable to a malware attack that installs a remote access tool known as McRAT. The exploit is reportedly different from the one used to attack Facebook, Twitter, Apple and several other companies last month. Following the earlier attack, Apple released an update to Java for users to version 1.6.0_41. These recent vulnerabilities come after several updates over the past year to Java addressing exploits.
FireEye is recommending users disable Java until Oracle addresses the issue:
We have notified Oracle and will continue to work with Oracle on this in-the-wild discovery. Since this exploit affects the latest Java 6u41 and Java 7u15 versions, we urge users to disable Java in your browser until a patch has been released; alternatively, set your Java security settings to “High” and do not execute any unknown Java applets outside of your organization.
Oracle provides the instructions below for uninstalling Java on Mac:
- Click on the Finder icon located in your dock
- Click on Applications tab on the sidebar
- In the Search box enter JavaAppletPlugin.plugin
- This will find the JavaAppletPlugin.plugin file
- Right click on JavaAppletPlugin.plugin and select Move to Trash
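
For administrators who want to check machines before removing the plug-in, the following is an added example (not from Oracle, FireEye or the article) that maps a Java version string to the short "6u41"/"7u15" form used in the report, flags the two versions named there, and locates JavaAppletPlugin.plugin under a directory you pass in. The function names and the sample version strings are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: triage helper for the Java versions named in the report.
# Function names are hypothetical; sample strings below are constructed.

# Convert "1.7.0_15" (or a line such as: java version "1.7.0_15")
# into the short form "7u15". Prints nothing if no version is found.
java_short_version() {
    printf '%s\n' "$1" |
        sed -n 's/.*1\.\([0-9][0-9]*\)\.0_0*\([0-9][0-9]*\).*/\1u\2/p' |
        head -n 1
}

# Succeeds only for the two versions the report names (6u41 and 7u15).
# Assumption: other versions are reported as "not listed", which is
# not the same as "safe"; the article says nothing about them.
is_reported_vulnerable() {
    case "$(java_short_version "$1")" in
        6u41|7u15) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the path of every JavaAppletPlugin.plugin bundle below a directory,
# without descending into the bundle itself.
find_java_plugin() {
    find "$1" -name JavaAppletPlugin.plugin -prune -print 2>/dev/null
}

# Constructed sample inputs, as they might appear in an inventory export.
for sample in 'java version "1.7.0_15"' '1.6.0_41' '1.7.0_13' 'no java here'; do
    short=$(java_short_version "$sample")
    if [ -z "$short" ]; then
        echo "$sample -> no Java version found"
    elif is_reported_vulnerable "$sample"; then
        echo "$sample -> $short: named in the report, disable the plug-in"
    else
        echo "$sample -> $short: not listed in the report"
    fi
done
```

Pass the directory that holds your browser plug-ins to `find_java_plugin` to confirm whether the file from the steps above is still present after removal.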