An exploit for a flaw in Java was added to Metasploit penetration testing framework. The recently patched vulnerability affects Java Runtime Environment in Oracle Java SE JDK and JRE 6 Update 57 and JRE 7. An attack can be launched when user visits malicious website.
Earlier the exploit was added to cybercriminals’ toolkit BlackHole. Metasploit users decided to add it also to their software to increase awarness.
„Once it's in the kits, someone can buy it. It becomes much more widely distributed and used. It lowers the bar for entry“ - Jonathan Cran from Metasploit Project said.
The newest Microsoft data showed that Java is the most attacked platform.

Source: SC Magazine
02.12.2011