Kaspersky: SMS Trojans Account For Over Half Of Smartphone Malware

By Ken Presti
November 02, 2012 6:05 PM ET

Page 2 of 2

"Java has been fiercely under attack for over a decade now," added Schouwenberg. "In that time, Sun [and] Oracle have made no significant security improvements to Java. This is extremely disturbing and should really worry people. The best course of action really is to uninstall Java. Most people really no longer need it."

Schouwenberg advised that "corporations that need it for internal applications should at least disable the Java browser plug-ins. Unfortunately, the plug-ins get enabled again after updating Java. So that's something to watch for."

As another alternative, he recommended that browser settings could be switched to "click to play" in order to prevent the program from running automatically.

Meanwhile, the study ranks Adobe Acrobat Reader second in vulnerable applications that were targeted by exploits during the third quarter, accounting for 25 percent of all attacks. The report also says that Adobe Reader exploits are gradually declining due to enhanced security. Automatic updates, which were introduced in the latest versions of Reader, are believed to be contributing to the decline.

Among other notes, a total of 30,749,066 vulnerable programs and files were detected during the third quarter on computers of Kaspersky Security Network users, with an average of eight different vulnerabilities on each affected computer.

"I find it very telling that over 90 percent of our web detections come from our URL blocker and related technologies," added Schouwenberg. "That means the traditional scanning technologies play a minor role here. It really proves the case that antimalware is much more than just a scanner of sorts."

Nearly one-third of US-based computers were attacked during the third quarter while the user was surfing the web.

Apple's QuickTime and iTunes came in at sixth and seventh place, with vulnerabilities showing up on 13.8 percent and 11.7 percent of computers, respectively.

Microsoft did not appear on the Top 10 vulnerabilities list, marking the first time in history that the software giant has been absent from this list. Kaspersky believes this is largely attributable to enhancements made to the automatic updates mechanism.

PUBLISHED NOV. 2, 2012

<< Previous | 1 | 2

To continue reading this article, please download the free CRN Tech News app for your iPad or Windows 8 device.

Related: Videos | Slide Shows | Comments

SHARE THIS ARTICLE

More Security

Comments by Vanilla

Recent Articles

	10 Security Companies That Have Scored CIA Funding CIA-funded venture firm invests millions in technology startups, mostly security firms. Find out which security companies won In-Q-Tel funding.
	Head-To-Head: Symantec Vs. McAfee In Endpoint Protection McAfee and Symantec are archrivals with a firm grip on the North American security market. CRN pits both vendors' endpoint security products against each other and names a winner.
	The 8 Steps Behind The Massive $45M Cyber Bank Heist More than $45 million was stolen from banks in the U.S. and 19 other countries in a scheme that law enforcement is calling an international conspiracy to drain millions from bank accounts using stolen debit cards and PIN numbers. Here's how they did it.
	More Slide Shows