There were too big news stories in the Java Exploitation landscape this week:

  1. Blackhole Exploit Kit added an exploit for CVE-2012-0507
  2. Metasploit added exploit for CVE-2012-0507

In order to help users and organization's do a quick field test to see if they are exploitable to these attacks, I crafted a Java version check now available at IsJavaExploitable.com

Here is a screen capture of the version check in action:

Here is a info-graphic I created based on my research which was added as an update to the Krebs blog post:

To test if your machine is exploitable, go to IsJavaExploitable.com. If you need a tool to find vulnerable machines on your network, get the free Nexpose Community Edition vulnerability scanner.