This is apparently the week for people to add interesting things to exploit kits!
In case you’ve not already scoured all traces of Java from your machine, it’s time for your (ir)regular reminder that Java is very problematic and should be updated religiously if you’re going to use it at all. The Neutrino exploit kit has added code for a Java exploit that is unpatched in Java 6. Java 7 was patched in June of 2013.
And, that sudo vulnerability we mentioned a few months back has been added to the Metasploit exploit kit, which makes it easier for attackers to implement. It’s still not fixed in OS X, though its utility is somewhat limited here. According to the Packetstorm post, “This Metasploit module will fail silently if the user is not an admin or if the user has never run the sudo command.” I imagine the bulk of users are in the latter camp, and the former is an excellent reminder that you shouldn’t be running with Admin permissions for day-to-day activities. The NSA will even back me up on that recommendation! Granted, a malicious user or a trojan grabbing admin rights can get around those conditions.
If you’re following good security practices, neither of these things are going to be a big deal for you. Just in case, here’s a quick reminder:
- Always password-protect and physically protect your machine against unauthorized access
- Don’t run unexpected files, and use layered security to protect against malware
- Remove Java from your machine if possible, or make sure you’re very religious about updating to the latest version