It has become a joke among security professionals in IT that every day Oracle fixes at least one Java failure, and every day brings at least two new flaws. And it seems neither Facebook escaped the problems brought by these bug, as they had several machines just invaded by a bug in Java.
The security team explains in not very technical terms what happened: a group of employees accessed a website about mobile development, and this site was compromised, hosting malicious code that allowed a malware was installed on the notebook users. As Facebook swear feet together and kneeling on corn all the machines there are always updated and anti- virus installed and updated, the invasion could only happen from a recently discovered bug.
After the invasion was perceived by the security team, all compromised computers were properly cleaned and the local police were notified. In addition, an investigation was conducted to find out the background which was committed in the invasion and how exactly it happened.
The good news is that according to Facebook, no user data was compromised.
The bad news (at least for Java) is that research has shown that the code hosted on the infected site was using a bug never seen before to go over the protections sandbox and, from there, install malicious code on the machine of users who accessed the site.
Facebook immediately warned Oracle, which released on February 1 an update to Java, solving this and other problems.
In the note, the company also notes that probably many other users out of Facebook may have been infected, and that it machines worldwide may be infected. That is, remember to keep your updated Java and configure it to only run when requested. And, if in doubt, format your machine and start again.
Error java installer problem solve in 30 seconds!
Netscaler java applet troubleshooting
Fixing Common Facebook Issues
[SOLUTION] Java Installer Download Failed Error on Windows …
How to compile and run java program written in another …
Facebook scrolling problem – EPIC FAIL
OS X Java update failed
Failed to connect to Standalone V8 VM
Problems with the Java Uploader try the Picasa Uploader on …
error java tm installer failed
eclipse – Java does not find class file
java – Is Rectangle a built-in class
java – Android keystore signature problem
OS X Java update failed