Adobe Reader & IE Cause Highest Number of Vulnerabilities

According to a report released by M86 Security Labs on July 14, 2010, the most exploited vulnerabilities are usually related to Internet Explorer and Adobe Reader, but the rising target for exploitation is Java, as reported by cnet news on July 14, 2010.

The lab in its recent security report for January-June 2010 has stated that out of the 15 most exploited vulnerabilities used by hackers to propagate malware, four were related to Adobe Reader and five to Internet Explorer.

This trend has recently emerged as cyber criminals search for new methods to minimize the efficiency of several security controls.

The report also highlighted other top 15 vulnerabilities, which affected Real Player, Microsoft DirectShow, Microsoft Access Snapshot Viewer, AOL SuperBuddy and SSreader.

The M86 report concluded that attackers found new and innovative ways to evade the malware detection mechanism. As the current tricks for "covering their tracks" become less proficient, hackers have started employing combined attacks which are quite complicated in nature and complex to detect.

The report added that over the past few months, the researchers had been observing a new technique of code obfuscation that merge together the two scripting language of JavaScript and Adobe's ActionScript. Both the languages are built in Flash.

As per the report, more Java based vulnerabilities have been actively exploited, grabbing hacker's attention towards Java's popularity and broad installation base. In a general attack situation, browsers visiting a legal website are redirected by a concealed JavaScript or iframe to a nasty web page that hosts a Java applet.

Marc Maiffret, Chief Technology Officer of eEye Digital Security, commented that Java was the next easy target for the hackers, as reported by cnet news on July 14, 2010,.

The report also highlighted another concerned fact - the automated spreading of infection on legal websites by Asprox Botnet. In the month of June (2010), it was found by M86 Security Labs that the Asprox Spambot had infected over 10,000 ASP sites.

The report also discussed about the spam, Canadian Pharmacy, which is the most popular one because it is the most profitable. In the first half of 2010, pharmacy-related spam accounted for 80.7% of the total spam out of which Canadian Pharmacy was alone responsible for 67%.

Related article: Adobe Rates Acrobat Vulnerabilities “Critical”

» SPAMfighter News - 24-07-2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next