Exploits are malicious programmes designed to take advantage of vulnerabilities in legitimate software and penetrate users’ computers. The fact that they function surreptitiously makes them all the more dangerous.
If a computer is running vulnerable versions of any software, simply visiting an infected web page or opening a file containing malicious code is enough to trigger an exploit. Traditionally, the most frequent targets for attacks have been Oracle Java, Adobe Flash Player, and Adobe Reader. However, a recent study has revealed that in the past year Java is increasingly becoming the prime target for cybercriminals.
Of the 14.1 million attacks detected using Java exploits, most happened in the second half of the study period – over 8.54 million attacks were registered from March to August 2013, up 52.7% on the previous six months.
The large number of attacks launched using Java exploits is little surprise – over the 12 months of the research, 161 vulnerabilities were identified in Java. In comparison, over the period of September 2011 to August 2012, information about 51 vulnerabilities was published. Six of the newly detected vulnerabilities were rated as critical, or very dangerous; these six were most actively used in attacks by cybercriminals.
Java is a victim of its own popularity; Cyber criminals know they are better off focusing their efforts on finding a vulnerability in Java and then attacking millions of computers at one stroke, rather than creating multiple exploits for several less popular products and still finding that they are affecting fewer computers.
To protect themselves against the potential costs of a malicious attack launched using Java exploits, ESET researchers and experts advise both home and corporate users to install Java updates promptly as well as choosing security solutions that can reliably block exploit-based cyber-attacks.
Effectively combating exploits has become a new frontier in the security field, and proactive security solutions help software developers and users alike until new vulnerabilities can be patched.