Java Flaw Being Exploited Thanks to Hacker Toolkit

The BlackHole kit, a popular exploit set among hackers, has been updated to take advantage of a recently discovered Java hole that security researchers say many users have yet to patch.

The Java exploit allows attackers to bypass the Java Runtime Environment's sandbox to install malicious code remotely. Microsoft reported last week that it had observed this vulnerability being exploited in the wild.

Microsoft also tested how easily the vulnerability could be exploited. Its test successfully escaped the Java sandbox and installed the ZeuS Trojan on a test machine.

Cybersecurity blogger Brian Krebs said the vulnerability was spotted shortly after Microsoft's tests were made public.

"According to posts on several underground carding forums, the exploit has now been automatically rolled out to miscreants armed with BlackHole, by far the most widely used exploit pack," Krebs wrote in a blog post.

The newest Java patch, released February 15, protects users against this exploit. However, Marcus Carey, security researcher at Rapid7, estimates that a majority of Java users have yet to upgrade.

"Rapid7 researched the typical patch cycle for Java and identified a telling pattern of behavior," said Carey. "We found that during the first month after a Java patch is released, adoption is less than 10 percent. After two months, approximately 20 percent have applied patches, and after three months, we found that more than 30 percent are patched. We determined that the highest patch rate last year was 38 percent, with Java Version 6 Update 26 three months after its release."

Based on Rapid7's observations, it is estimated that only around 10 percent of users are running the newest Java version.

Those who have not yet patched to the latest version of Java are advised to do so as soon as possible. The update, including additional information on the patch, can be found here.

About the Author

Chris Paoli is the site producer for and
