Friday, August 31, 2012



.JAR
AND
SHYLOCK



"Shylock" was a nasty Java exploit several years ago. The holes that were exploited were patched by Oracle back then. Shylock got it's name because when the virus code was examined, Security engineers found references from Shakespeare's play, "The Merchant From Venice".

This is less of a history lesson, and more about the fact that "Shylock" is back, and perhaps, more dangerous than ever. A valid response from you may be: "If the holes were patched, what's the big deal?", and my answer is simple:not everyone updates their computer. I've been to more places than I care to remember where a users PC had Java versions 2-5 on them, and I'm not sure what else the new and improved Shylock takes advantage of either. I do know that it tries to change it's characteristics when downloaded to avoid detection.

You should take a few minutes to read the security blog post on Symantec's website, which also has an easy-to-follow graphical map which helps explain it better than mere words could do. Be sure not to miss exactly what this does, once it begins to nest in your PC. Surf well, surf safely.......

'Nuff Said,
Brian

[Symantec/Norton user for over two decades]

No comments:

Post a Comment