Java Runtime Environment 6U29 exploit in the wild

So my home computer contracted a virus over the weekend. Luckily my antivirus was able to pick it up and remove the infected files, which were variants of the virus Ramnit-AC and the Trojan downloader Java:agent, but I couldn’t for the life of me figure out how it got on there.

That was, until today when both Thunderbird and Firefox warned me that the JRE SE6U29 add-on is “known to cause stability or security problems”:

After looking into this further it turns out that Oracle released a security advisory and critical update back in February already. I really don’t know how I didn’t get this update as I have Java set to update automatically – quite disappointing.

I’ve updated to the latest versions which should remove the exploit. I highly recommend you check if your system is vulnerable via the Mozilla plugin checker.

Tags: , ,

Leave a Reply