Zscaler, has deployed various protections to combat the exploitation of a 0day vulnerability in the current version of the Java Runtime Environment (version 7). Targeted attacks emerging from China and Singapore have recently been identified, but exploitation is likely to broaden now that public exploit code and a Metasploit module are available. Given that Oracle, which maintains Java, generally sticks to a quarterly release cycle, it is unclear when a patch for this issue will be made available.
Java 7 Applet Remote Code Execution
- Java Runtime Environment Version 7 (Updates 0-6)