Java Flaw Enables Cross-Browser Attack

In what may be the first known example of a cross-browser attack, users who made the switch to Mozilla Firefox to escape the specter of Internet Explorer's security failures may suddenly find themselves repossessed.

Vitalsecurity has uncovered a vulnerability that exploits a hole in Sun's Java Runtine Environment Environment that, when used in combination with Firefox and other alternative browsers, is capable of installing malware by invoking Internet Explorer.

According to the security bulletin, the attack can be executed through an alternative browser when even Internet Explorer's security settings are at their highest. On its own, IE blocks the malware's installation, which means another browser must be used for the attack to succeed.

In an example, when Firefox users visit a site containing an unsigned Java applet, the user will be prompted through a security dialog to run the software. If the user agrees to load the applet, their machine will be infected and an instance of Internet Explorer will load.

Details of the attack can be found at Vitalsecurity's Web site.

15 Responses to Java Flaw Enables Cross-Browser Attack

Why Trust Us



At BetaNews.com, we don't just report the news: We live it. Our team of tech-savvy writers is dedicated to bringing you breaking news, in-depth analysis, and trustworthy reviews across the digital landscape.

BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.

© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.