[Non-product related] CVE-2012-4681

Hi There,

I didn't really know where to post this since this is just a question (mostly directed at ESET) regarding a new 0-day threat CVE-2012-4681. I just got an email about from our network vendors and there isn't much information about this released to the web yet. I didn't see anything listed on blog.eset.com about this, but thankfully a new signature is JUST being released to detect this exploit. See: http://go.eset.com/us/threat-center/threatsense-updates/search/?q=CVE-2012-4681

I'm just wondering, is this another over-hyped reaction from the internet or is there a real threat and concern here? I mean, Java exploits are not new.

EDIT:
The email I got was informing me that java should be disabled on everyone's computer etc. because of this exploit.

 

Perhaps there's been a bit of over-hype but the media do this by nature. Still, the exploit is real as outlined in the following articles:

http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html
http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/
http://www.deependresearch.org/2012/08/java-7-0-day-vulnerability-information.html


Lucky for us ESET users, as you mentioned, ESET already detects this as Java/Exploit.Agent.NDE trojan and of course CVE-2012-4681 so you don't need to worry.

 

Hello,

Just to follow up to DWomack's excellent-as-usual reply, I did a quick check and it does not seem that this vulnerability is being widely exploited yet.

That said, exploits can often appear rapidly as malware authors adopt them, so some level of caution is warranted.

Regards,

Aryeh Goretsky