
Java Exploits Up, Adobe Attacks Down: Cisco Report

By Stefanie Hoffman, CRN
November 17, 2010    7:13 PM ET

Java exploits appear to be increasing as attacks targeting Adobe Reader and Acrobat decline, according to a Cisco 3Q10 Global Threat Report, released Wednesday.

Java exploits rose from 5 percent of all malware encounters in July to 7 percent in September. Conversely, Adobe Reader and Acrobat experienced a decline in exploits throughout the quarter, falling from 3 percent of all malware encounters in July to 1 percent in September.

Security experts said the increase in Java exploits represents a continuation of a trend occurring through the year.

Mary Landesman, market intelligence manager at Cisco, said that the decline in Adobe exploits likely has little to do with the platform being more secure. Rather, hackers have migrated away from Adobe platforms in an effort to find alternative distribution methods for attacks, such as vulnerable Java applications. Hackers gravitated toward Java, in part, due to higher availability of public exploit code, among other reasons, she said.

"It really has much more to do with the preferences being made by the attacker," she said. "When the Java exploits were made public, (hackers) saw such a big uptick in infection rates that they decided to focus more on Java and a bit less on Adobe."

Landesman said that malware authors also gravitated toward Java exploits because they are often first to be delivered when a user visits a compromised site.

"Whatever gets delivered first is the one that attackers will be able to use to reach the highest number of victims," Landesman said. "They're getting the low hanging fruit."

The uptick could also be attributed to the fact that Java updates are still, by and large, not on the public radar, coupled with an inconsistent update delivery model that sometimes left older versions of the application on the system alongside the newly installed patches.

"Users are not aware that they have Java. They're not aware that it needs to be updated, or that it's supposed to be updated," she said, adding that Java would likely change its update model to a more regularly scheduled patch cycle down the road.

"We'll hopefully see the same sorts of changes with Java patch delivery that we've seen with other targeted applications, where the vendor has revamped that process," she said.
