<p>Attackers are exploiting a new and unpatched vulnerability that affects the latest version of Java -- Java 7 Update 6 -- in order to infect computers with malware, according to researchers from security vendor FireEye.</p><p>So far, the vulnerability has been exploited in limited targeted attacks, FireEye's senior staff scientist Atif Mushtaq said Sunday in a blog post. "Most of the recent Java run-time environments i.e., JRE 1.7x are vulnerable."</p><p>The exploit is hosted on a website that resolves to an Internet Protocol address in China and its payload is a piece of malware that connects to a command and control server located in Singapore.</p><p>The malware installed in the attacks seen so far appears to be a variant of Poison Ivy, Jaime Blasco, a researcher with security firm AlienVault, said Monday in a blog post.</p><p><a href="http://www.cso.com.au/article/434757/unpatched_java_vulnerability_exploited_targeted_attacks_researchers_say/">Keep reading...</a></p>