[Non-product related] CVE-2012-4681

Discussion in 'ESET NOD32 Antivirus' started by Geosoft, Aug 28, 2012.

Thread Status:
Not open for further replies.
  1. Geosoft

    Geosoft Registered Member

    Joined:
    Jan 7, 2009
    Posts:
    270
    Location:
    Toronto, Ontario, Canada
    Hi There,

    I didn't really know where to post this since this is just a question (mostly directed at ESET) regarding a new 0-day threat CVE-2012-4681. I just got an email about from our network vendors and there isn't much information about this released to the web yet. I didn't see anything listed on blog.eset.com about this, but thankfully a new signature is JUST being released to detect this exploit. See: http://go.eset.com/us/threat-center/threatsense-updates/search/?q=CVE-2012-4681

    I'm just wondering, is this another over-hyped reaction from the internet or is there a real threat and concern here? I mean, Java exploits are not new.

    EDIT:
    The email I got was informing me that java should be disabled on everyone's computer etc. because of this exploit.
     
  2. dwomack

    dwomack Eset Staff Account

    Joined:
    Mar 2, 2011
    Posts:
    588
    Perhaps there's been a bit of over-hype but the media do this by nature. Still, the exploit is real as outlined in the following articles:

    http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html
    http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/
    http://www.deependresearch.org/2012/08/java-7-0-day-vulnerability-information.html


    Lucky for us ESET users, as you mentioned, ESET already detects this as Java/Exploit.Agent.NDE trojan and of course CVE-2012-4681 so you don't need to worry.
     
  3. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    Just to follow up to DWomack's excellent-as-usual reply, I did a quick check and it does not seem that this vulnerability is being widely exploited yet.

    That said, exploits can often appear rapidly as malware authors adopt them, so some level of caution is warranted.

    Regards,

    Aryeh Goretsky
     
Thread Status:
Not open for further replies.