Security researchers from FireEye have identified a new Java zero-day vulnerability that’s currently being exploited in a limited number of targeted attacks.
experts, most of the recent Java run-time environments (JRE) are affected and, for the time being, there are no known mitigations.
The exploit has been found on a domain – registered to an IP address from China – that’s currently still active.
If users visit the malicious domain, they’re served a nasty piece of malware identified as Dropper.MsPMs.
The dropper communicates with a command and control server domain from Singapore.
The proof-of-concept is expected to become public any day now, allowing other cybercriminals to utilize it as well. Hopefully, Oracle will act on addressing this issue as soon as possible, even though they don't usually release out-of-band patches.