Cybercriminals exploiting Java vulnerability to spread malware

According to a new report by a security expert, cybercriminals are increasingly exploiting a vulnerability in the current versions of Java to target users and spread malware.

An independent researcher reported in his blog that cybercriminals are increasingly using an exploit "in the wild" to infect computers around the world with illegitimate programmes. They secretly install malware on the computers of users who visit websites that are infected with the malware. These types of attack are called drive-by download attacks and are used to target users in different parts of the world.

The researcher indicated that the details of the exploit are being shared only with security companies. Bogdan Botezatu, a senior e-threat analyst at antivirus vendor Bitdefender, said that there is a vulnerability in Java 1.7 Update 9 and Update 10 and that the exploit might be present in other versions of the program as well.

Researchers from security firm AlienVault also confirmed that the exploit exists in a fully patched installation of Java 7. Experts say that the exploit has been added to the popular Blackhole exploit toolkit as well as the Cool Exploit Kit.

Java 7 Update 10 was released on 11 December, 2011 and it allows users more control over Web-based Java content. Users can also easily turn off all Java-based content in browsers.