Hear from CIOs, CTOs, and other C-level and senior execs on data and AI strategies at the Future of Work Summit this January 12, 2022. Learn more

Oracle Headquarters

A newly discovered vulnerability in Java 7 may let hackers attack Apple computers, bringing back memories of the recent Flashback trojan that may have been stealing up to $10,000 a day in ad revenue.

The hole was found in Oracle’s latest Java 7 runtime and exploits are already seen using the vulnerability to attack Windows PCs. The virus enters a computer when the user visits a website. That’s it. The website may appear blank, but in the background, the malware is downloading to the computer. According to CNET, some may see the word “loading” over the Java icon for a second.

Because the malware takes advantage of a hole in Java 7, it could lead malware writers to attack Mac systems that also use Java.

“Exploit kits” are now being sold in black markets that include the vulnerability — meaning we could see some real malware taking advantage of the hole soon.

The vulnerability nods to the Flashback trojan, which some say affected hundreds of thousands of Mac computers earlier this year, and gamed Google to steal advertising revenue in searches. The trojan helped Mac users realize that though Apple products have been predominately the “safer” option between a Mac and a PC, they aren’t invincible. Flashback also exploited a hole in Java, which was later patched by Apple.

As CNET notes, Oracle only updates its Java runtime software once a quarter and doesn’t often deviate from that pattern. Thus, the only way to really ensure your safety against the vulnerability is to fully uninstall Java 7. This may be a pain for some who use it regularly, and for third parties may come out with patches of their own. But otherwise, it’s probably a good idea to take it offline before someone really exploits the hole.

via Cnet; Oracle image via Peter Kaminski/Flickr


VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more
Become a member