Adobe Reader & IE Cause Highest Number of Vulnerabilities
According to a report released by M86 Security Labs on July 14, 2010, the most exploited vulnerabilities are usually related to Internet Explorer and Adobe Reader, but the rising target for exploitation is Java, as reported by cnet news on July 14, 2010.
The lab in its recent security report for January-June 2010 has stated that out of the 15 most exploited vulnerabilities used by hackers to propagate malware, four were related to Adobe Reader and five to Internet Explorer.
This trend has recently emerged as cyber criminals search for new methods to minimize the efficiency of several security controls.
The report also highlighted other top 15 vulnerabilities, which affected Real Player, Microsoft DirectShow, Microsoft Access Snapshot Viewer, AOL SuperBuddy and SSreader.
The M86 report concluded that attackers found new and innovative ways to evade the malware detection mechanism. As the current tricks for "covering their tracks" become less proficient, hackers have started employing combined attacks which are quite complicated in nature and complex to detect.
Marc Maiffret, Chief Technology Officer of eEye Digital Security, commented that Java was the next easy target for the hackers, as reported by cnet news on July 14, 2010,.
The report also highlighted another concerned fact - the automated spreading of infection on legal websites by Asprox Botnet. In the month of June (2010), it was found by M86 Security Labs that the Asprox Spambot had infected over 10,000 ASP sites.
The report also discussed about the spam, Canadian Pharmacy, which is the most popular one because it is the most profitable. In the first half of 2010, pharmacy-related spam accounted for 80.7% of the total spam out of which Canadian Pharmacy was alone responsible for 67%.
Related article: Adobe Rates Acrobat Vulnerabilities “Critical”
» SPAMfighter News - 24-07-2010