Description: In this webcast, Ryan Naraine talks to Kurt Baumgartner about the rise of exploits against vulnerabilities in Oracle's Java software. The discussion centers around the exploitation of Java vulnerabilities in exploit kits and the poor state of patching on the Windows platform.
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Java exploits have been generally very reliable for attackers due to a low patch rate. For example, one recent exploit took advantage of a Java vulnerability for which a patch was available at the end of 2011 -- yet the Blackhole exploit toolkit included the exploit in its toolkit even after the patch was made available.
nice explanation of java vulnerability.
more information is available on
http://www.internetnews.com/security/java-exploits-are-the-most-reliable-vulns.html
thanks