A new Trojan horse has been discovered that exploits a flaw in Java, leaving computers running Windows, Mac OS, and Linux vulnerable to attack. Mal/JavaJar-B allows attackers to remotely trigger code once it infects a system, potentially leading to the installation of malware, or even ransomware. Oracle hasn’t yet patched the vulnerability, which affects even the latest version of Java.
US-CERT recommends that users disable Java in web browsers
The issue is so large that the Computer Emergency Readiness Team at the Department of Homeland Security has urged users to disable Java. The governmental organization says in a release that the vulnerability "is being actively exploited" and that "exploit code is publicly available." US-CERT recommends that Java be disabled in the browser until an update is pushed out by Oracle.
In fact, Apple has already taken those very steps for Mac OS X users. The company has pushed a revision to its Xprotect.plist blacklist that updates the minimum required version of Java to a future version that hasn’t yet been released. The vulnerability affects all Java plug-in versions up to 1.7.0_10-b18, and Apple has updated its blacklist to require b19. As a result, the anti-malware service installed on Mac OS X prevents the Java browser plug-in from running at all.