Java Is Top Attack Target
Java Is Top Attack Target
Written by Andrew Johnson   
Monday, 05 November 2012

Kaspersky has just released its analysis of security threats in Q3 2012 and top of the list is Java. This isn't encouraging given the recent bad press the language system has received.

There seems to have been something of a backlash against Java in the past few months.  For example, not happy with just killing off Flash, Apple has now removed Java from its hardware. In addition many PC users were spooked into removing Java altogether, rather than just disabling its use in the browser.

Was all of this justified or is it some sort of conspiracy against Oracle via Java?

 

kasperskyjava

According to the latest findings from Kaspersky Labs, it does look as if the concerns have a basis in fact. It seems that Java played a role in 56% of attacks. The only thing that comes even close is Adobe Acrobat at 25%.

Kaspersky comments that the cross platform nature of Java makes it attractive to malware writers as well as to app developers. It also points out that the lack of an enforced Java update mechanism means that vulnerabilities tend to stay active for longer. With an estimated 1.1 billion Java installations, this seems all too reasonable.

Recently it seems that the sandboxing provided by the Hotspot VM has been compromised and this exploit not only turns up in targeted attacks but in exploit packs, allowing others to use the same entry points with little effort.

If Oracle wants to stem this tide of bad publicity it needs to reconsider the rate at which it generates patches and how it issues updates to the JRE.

 

 

It is also interesting to note that Windows and IE account for only 4% of vulnerabilities, which is possibly due to the enforced updates introduced in the last few years. Adobe Flash notched up an insignificant 3%. Could it be that malware writers have given up on it too?  Android root attacks also accounted for only 2%.

The rest of the report is also worth reading.

More Information

IT Threat Evolution: Q3 2012

Related Articles

 

 
 

 

blog comments powered by Disqus

 

To be informed about new articles on I Programmer, install the I Programmer Toolbar, subscribe to the RSS feed, follow us on, Twitter, Facebook, Google+ or Linkedin,  or sign up for our weekly newsletter.

 

Banner


Guetzli Makes JPEGs Smaller
20/03/2017

There is a lot of flexibility in how you can configure a JPEG file to best represent an image. Now Google's Guetzli can find optimum settings and so produce files that are up to 45% than other encoder [ ... ]



//No Comment - Assessing Code Authorship, Git Blame Who? & The Case of OpenStack
12/03/2017

•  Assessing Code Authorship: The Case of the Linux Kernel

• Git Blame Who? Stylistic Authorship Attribution of Small, Incomplete Source Code Fragments

• Cooperation among competitors in  [ ... ]


More News

Last Updated ( Monday, 05 November 2012 )
 
 

   
Banner
RSS feed of news items only
I Programmer News
Copyright © 2017 i-programmer.info. All Rights Reserved.
Joomla! is Free Software released under the GNU/GPL License.