'Tis the season for giving. And anybody visiting Amnesty International's UK website could currently end up with the gift of a keylogger courtesy a Java exploit. Brian Krebs has written about it on his blog: Krebs on Security.
Amnesty's UK site was hacked to include an iframe linking to a Brazilian server, which hosts a CVE-2011-3544 based Java Exploit.
Our browsing protection is now blocking Amnesty's site. We've been blocking the .br site for several days already. We detect, and there's fairly good AV industry coverage on, both the Java exploit and the trojan it drops.
Read the full details from Krebs, linked above. And stay safe.
As Mikko noted in his post yesterday, if you don't need Java SE, why have it installed?
Here's what a Java-free browser will display when it comes across a Java exploit:
"An additional plug-in is required to display some elements on this page."
