Reply to post:

Attackers exploit Spring4Shell flaw to let loose the Mirai botnet

hayzoos

"They also can downgrade to a lower JDK version such as version 8, though doing so "could impact application features and open doors to other attacks mitigated in higher versions of JDK," the researchers wrote."

The botnet tools like Mirai are not single function, they are toolsets. The nature of IOT is ship and forget. I would be highly surprised that they do not carry exploits for multiple versions since not doing so would leave a lot of older targets unused. So, um, no, downgrading to avoid the exploit du jour is not going to help in the larger scheme.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022