Java replaces Adobe Reader as the most frequent attack target

Microsoft Malware Protection Center (MMPC) monitoring shows a dramatic increase in recent months in the number of attempted attacks on Java vulnerabilities. According to Holly Stewart of MMPC, since the middle of the year about six million attacks were registered attempting to exploit three older Java holes. This exceeds, by a large margin, the number of attacks on Adobe reader, the former leading attack target.

Stewart speculates that Java is now a more tempting target for criminals because, like Adobe's software, the Java Runtime Environment (JRE) is installed on almost every PC, but most users don't pay it much attention to it. The majority of these users don't bother with frequent security updates: one of the holes reportedly being exploited is two years old.

Adobe's efforts to make Reader more secure may well be proving effective. Among various improvements for Reader, Adobe has introduced the automatic update feature, which could be encouraging criminals to shift their efforts to Java as an attack face. This is supported by Brian Krebs observations. Krebs has determined that many commercially available attack tools for criminals now contain Java exploits and these exploits are now frequently the most successful.

Only recently, Oracle as part of its October Patch Day, updated Java releases. 29 holes spread over versions 6.0, 5.0 and 1.4.2 for all supported platforms were closed. Oracle classified 15 of these vulnerabilities as critical.

(trk)