Experts link the penetration of viruses into the computers Apple and Facebook with an error in the software Java.
Programmers found the cause of the vulnerability of corporate computers Apple and Facebook, who have been cyber attacks. After 50 software update Java from the beginning of the year, Oracle was not able to correct all errors. Attackers continue to use Java to break into computers to public agencies and private corporations because of the vulnerability of security systems. Java remains a “nightmare”, developers complain.
Vulnerability of workers employee computers Apple and Facebook to cyber attacks could be caused by uncorrected errors in the software Java, state the experts interviewed Financial Times.
Errors in the Java plugin from Oracle Corporation experts specializing in the security of personal data, said last year.
According to the head unit for security Rapid7 HSBC Dee Moore, a security error last update Java 7 is used by hackers to break into computers based on Mac OS X, Windows and Linux.
Since February Oracle has released 50 updates to fix bugs in the software. The next is planned for April.
“But Java is a real nightmare. Oracle was not able to “fill holes” in the plugin “, – said the head of research at AlienVault Jaime Blasco. According to him, the attacker uses Java to break into computers to public agencies and private corporations because of security issues.
The expert also connects a series of cyber attacks suffered by Facebook and Apple since the beginning of the year, with uncorrected errors in Java.
Security guards found the Facebook penetration unknown virus and malware desktop computers by social network in January. Later, the experts found that the wave of cyber attacks came from China.
The broadcast of the virus hackers used a fake site developer of mobile applications that employees use Facebook. Despite the latest anti-virus system, a malicious design to install software, which is distributed to the other computers.
This kind of attack is called a “watering hole”: hackers do not attack their interesting services, and infect the sites that are visited by their employees.
On Tuesday, a similar attack undergone personnel corporation Apple. Manufacturer of the iPhone and iPad, said that some computers have been attacked by a virus after staff visited the website for software developers with malicious code.
The company had quickly eliminate the virus and sent a report to law enforcement agencies and the company Oracle, to find the source, spreading malware.
The Java programming language was developed by Sun Microsystems, which is part of Oracle. It is used by developers to write programs and applications that can run on almost all computers, regardless of operating system. Users have access to the products through software modules or plug-ins that run Java-based applications in the browser, such as Internet Explorer and Firefox.
US-CERT experts believe that with the help of Java hackers generate special HTML-document with malicious code. The first risk are business because it uses Java to run their websites and web applications, adds Chief Technology BeyondTrust Mike Mayfret.
According to co-founder of Lookout (developer of security software for mobile) Kevin Mahaffey, the situation resembles Oracle difficulties faced by Microsoft Corporation in the early 2000’s. Windows XP users have discovered vulnerabilities in security software: The virus enters the computer for a few seconds after you connect to the Internet.