A zero-day exploit being brazenly sold for a five-figure price has experts renewing calls to disable the Java run-time environment in enterprise settings
Another zero-day exploit of the ubiquitous Java run-time environment has security experts once again calling for enterprises to disable it in user browsers. The exploit is available on a members-only criminal hacking site for a five-figure price, according to Network World.
The exploit takes advantage of the Java class MidiDevice.Info, which handles audio input and output, says security expert Brian Krebs.
Java runs on an estimated three billion devices. Experts believe 65 per cent of those installations aren’t patched.