A zero-day Java vulnerability that affects all versions of the browser plug-in has been incorporated in popular exploit kits. The exploits have been implemented within the Blackhole, Cool and Nuclear Pack kits. “This could be mayhem,” a French researcher who uses the handle Kafeine discovered the flaw Thursday. Java plug-ins are particularly vulnerable because users often do not deploy security updates in a timely fashion. Experts recommend disabling Java in browsers, unless it is needed to access specific applications, experts say.”]
Source: https://www.csoonline.com/article/2132767/java-zero-day-prompts-calls-again-to-disable-it.html