Java Exploits Currently the Commonest Threat: G-Data

According to Security Company G Data Security Labs, a Java attack code is now the commonest danger on the Web replacing attack codes that exploit PDF flaws.

Revealed the company, Java.Trojan.Exploit.Bytverify.N abused vulnerability within the byte code confirmer of Java. The malware facilitated in running arbitrary codes with which a hacker could take over a user's computer.

Also, while generally existing on compromised sites, the Trojan tried to contaminate computers via drive-by download attacks using a malicious Java applet, emphasized the company's experts.

The experts also said that Java flaws presented online crooks plenty of technical potentiality. What's more, they helped to develop and spread malware much more easily compared to other computer infection techniques, they said. ComputerWeekly.com reported this on November 8, 2010.

Additionally, the experts highlighted in their research that malicious software, which abused JavaScript flaws like "JS:Downloader," too was presently very active and that malware writers were continuously developing it.

Furthermore, G-Data as well emphasized that it was observing a rise in the number of assaults against Java, a truth that Microsoft too has pin-pointed. According to the software major, there has been a spike in Java exploits to more than 6m during Q3 2010 i.e. July-September 2010 and therefore they account for the topmost threat now targeting any PC.

One more security company F-Secure reported that there were numerous Java exploits counting to some thousands and that they were capable of causing security problems. Zdnet.co.uk reported this during the 3rd week of October 2010.

In the meantime, Brian Krebs, ex-reporter of Washington Post has also indicated Java's risks. Therefore he recommends in his articles that users should waive off installing Java unless absolutely necessary. Itpro.co.uk reported this during the 3rd week of October 2010.

More specifically Krebs advises that users should pause and see whether the Java program is loaded onto their systems, and in case it is there, they need to ensure that it is fully updated. He informs that during the latter part of October 2010, Oracle released one more update, Java 6, Update 22, which patches no less than 29 vulnerabilities within the program.

Related article: Job Hunters Conned By Mystery Shopping Scammers

» SPAMfighter News - 11/13/2010