Java-based attacks remain at large
Java-based attacks remain at large, researchers say Summary: Just how are Java attacks getting through? A new Websense report suggests that approximately 94 percent of endpoints which run Oracle's Java are vulnerable to at least one exploit, and we are ignoring updates at our own peril. According to security researchers at Websense , it's not just zero-day attacks which remain a persistent threat. Instead, Java exploits are now a popular tool for cybercriminals. With so many vulnerabilities, keeping browsers up-to-date can become an issue — especially as Java has to be updated independently from our preferred browser, and a mobile, cross-browser workforce is difficult to manage securely. Keeping this in mind, the security team used their Advanced Classification Engine (ACE) and ThreatSeeker Network to both detect and analyze in real-time which versions of Java are currently in use across "tens of millions" of endpoints. The researchers found that ...