Tuesday, October 19, 2010

Java being massively exploited

Yes, not only Adobe is being targeted in Windows platforms even though they are making things easy for the black hats :D

As Brian Krebs says, Microsoft is warning about attacks against Java, with vulnerabilities that date back to 2008 (I have investigated attacks that used vulnerabilities patched back in 2006 and continue to be very effective)!

CVE-2008-5353 - 1,196,480 computers infected.
CVE-2009-3867 - 1,119,191 computers infected
CVE-2010-0094 -   173,123 computers infected.

Microsoft says that it kind of makes sense because Java is widely installed and nobody thinks to update it, like Adobe Acrobat. So, it is a nice candidate to be added to exploit packs and get a nice infection rate ;)

No comments:

Post a Comment