Bloodhound.Exploit.40 (more javaprxy.dll)

Symantec finally got detected the exploit file I created over the weekend for javaprxy.dll. They are calling it bloodhound.exploit.40. They don’t think its in the wild either. Note that although the 7/7 rev 17 defs will detect this, it will not necessarily keep the exploit from occurring. It does help keep any webserver clean that is running antivirus.
Of course with attackers shifting towards more targeted models, they wont be noticed as quickly. A while back my webhosting provider got hacked and 10,000 sites had a iframe added that loaded malicious code. The vulnerability was 9 months old so I was well patched. Imagine if they were able to hack my web provider again and use this newer exploit to install spyware or bots. While it wouldn’t make the news since its doesn’t effect Microsoft, Yahoo or Ebay, it would still infect an impressive number of computers.
You dont just need to worry about malicious websites. Sites that you trust can be made to serve up viruses if the server is compromised. You wont necessarily hear about it in the news or from the ISC if it only effects a small group of people. Take the mitigating steps that Microsoft recommends. Hopefully the real patch will be available on Tuesday, but why wait until then to have a measure of protection.