This past year something has been brewing in the underbelly of the Internet that has only recently come to light, causing security experts to sit up and taking notice. Exploits on Java have multiplied tremendously in number and they are proving to be incredibly effective. First reported by Krebs On Security last week, now the Microsoft Malware Protection Center (MMPC) has a blog post about the wave of Java exploitation they found when reviewing their gathered monitoring data. In fact, the MMPC discovered that by the beginning of this year the number of exploits on Java code vulnerabilities well surpassed the number of Adobe exploits they monitored.
Three recent vulnerabilities in Java have paved the way for malware exploitation and all three have had patches available for some time. The vulnerabilities are multi-platform (Linux, Mac, Windows) and can allow remote code execution. The MMPC has a table with a few details about the vulnerabilities, what is notable is that two of the vulnerabilities went from hundreds of thousands of attacks per quarter to millions. Another reason that Java attacks are becoming ubiquitous is that they are highly successful and extremely productive. Krebs says that.
Continued reading
http://www.technibble.com/unprecedented-spike-in-java-exploits-surfaces/
Three recent vulnerabilities in Java have paved the way for malware exploitation and all three have had patches available for some time. The vulnerabilities are multi-platform (Linux, Mac, Windows) and can allow remote code execution. The MMPC has a table with a few details about the vulnerabilities, what is notable is that two of the vulnerabilities went from hundreds of thousands of attacks per quarter to millions. Another reason that Java attacks are becoming ubiquitous is that they are highly successful and extremely productive. Krebs says that.
Continued reading
http://www.technibble.com/unprecedented-spike-in-java-exploits-surfaces/