In the course of researching and preparing volume 9 of the Security Intelligence Report, Microsoft analysts discovered an interesting trend. According to Microsoft's findings, attacks against Java have recently surged to unprecedented levels--dwarfing attacks against Adobe PDFs.
Microsoft is accustomed to being a prime target for malware attacks, and Adobe has been hogging center stage for a while as well. But, a post on the Microsoft Malware Protection Center (MMPC) blog notes, "by the beginning of this year, the number of Java exploits (and by that I mean attacks on vulnerable Java code, not attacks using JavaScript) had well surpassed the total number of Adobe-related exploits we monitored."
Java runs in the background under the radar and vulnerabilities may be left unpatched and exposed.Attacks on Java make sense for precisely the same reason that attacks on Adobe make sense. A malware developer that has to choose which operating system platform to attack will choose Microsoft because it offers significantly more potential targets. But, as Microsoft has developed more secure applications, and improved security controls, attackers have discovered that third-party cross-platform technologies are often a weak spot in the security armor.
More: http://www.pcworld.com/businesscenter/article/208171/
Microsoft is accustomed to being a prime target for malware attacks, and Adobe has been hogging center stage for a while as well. But, a post on the Microsoft Malware Protection Center (MMPC) blog notes, "by the beginning of this year, the number of Java exploits (and by that I mean attacks on vulnerable Java code, not attacks using JavaScript) had well surpassed the total number of Adobe-related exploits we monitored."
Java runs in the background under the radar and vulnerabilities may be left unpatched and exposed.Attacks on Java make sense for precisely the same reason that attacks on Adobe make sense. A malware developer that has to choose which operating system platform to attack will choose Microsoft because it offers significantly more potential targets. But, as Microsoft has developed more secure applications, and improved security controls, attackers have discovered that third-party cross-platform technologies are often a weak spot in the security armor.
More: http://www.pcworld.com/businesscenter/article/208171/