What started off as a hack of a MacBook Pro at a security conference has now been revealed to be a hack exploiting a vulnerability in the way QuickTime talks to Java. What does this mean? It means that this is not just an issue for Mac users; Windows users are vulnerable too! Thankfully the solution is simple: turn off Java (not JavaScript) in your web browser.

Mark my words, this is a glimpse into the future of malware. Rather than attacking individual operating systems, attackers will continue to target applications instead. This attack also gives us a look at the most likely future vector for attacks, the browser. Attack users by tempting them to visit a web page in which you have inserted malicious code to exploit a vulnerability in their browser or other software that you can trigger from a web page (like QuickTime, Windows Media Player, other video software, Java, etc.). All the victim has to do is visit your web page and *WHAM* you got 'em! The hardest of these attacks to defend against are those against media players. However, in many cases the attack depends on something like JavaScript, or in this case, Java, to trigger the exploit in the media player.

It’s time to start securing yourself from this vector of attack. If you use Firefox (and you should) you need to install the NoScript extension and start using it. This works very similarly to the popup blocker that comes with Firefox. It blocks Java, JavaScript and Flash on all sites except those you tell it to trust. This is a very effective way of defending yourself. It’s not perfect; there is only one perfect defense against these kinds of attacks: stop browsing the web! Let’s face it, we’re not going to do that! We also WANT JavaScript, Java and Flash on sites we trust; they can all add to our web experience (perhaps not Java so much). By using NoScript sensibly we can strike a balance between security and functionality. You are going to see more and more attacks of this kind. Now’s the time to start defending yourself, not when things get really bad!