Java is hackers' most common target
Microsoft's latest security intelligence report states that Oracle's environment accounts for between a third and a half of all exploited vulnerabilities
The most common exploits in the first half of 2011 were those targeting Oracle's Java platform, according to Microsoft's latest security report.
Java, a programming language with applications commonly seen in web interfaces, is installed on hundreds of millions of PCs worldwide. According to Tim Rains, director of Trustworthy Computing at Microsoft, this is why it is a target.
"Attackers have been aggressively targeting vulnerabilities in Java because it is so ubiquitous," he wrote recently on his blog.
Illustrating his point, he cited the large volume of hacking attempts that Microsoft's security software had blocked from Q3 2010 to the end of Q2 2011.
"During this period, Microsoft antimalware technologies detected or blocked, on average, 6.9 million exploit attempts on Java-related components per quarter, totaling almost 27.5 million exploit attempts during the year."
Rains stressed that enterprises and home PC users need to keep their software current with the latest patches, explaining that many successful attacks could have been prevented by doing so.
"Many of the more commonly exploited Java vulnerabilities are several years old, and have had security updates available to them for years.
"This illustrates the fact that once attackers develop or buy the capability to exploit a vulnerability, they continue to use the exploit for years, presumably because they continue to get a positive return on investment."
This point was also made recently by a researcher from security firm Qualys, who found that the attack on RSA in March this year could have been prevented by regular patching.
Rains concluded with three steps enterprises should take to safeguard against these risks:
- If you haven't updated Java in your environment recently, you should evaluate the current risks. Note: you might have multiple versions of Java in use in your environment and should evaluate with this in mind.
- Keep all software in your environment up to date, not just Windows. Assume attackers are targeting vulnerabilities in all prevalent software.
- Run antimalware software from a trusted vendor and keep it up to date.
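The first step warns that a single host can carry several Java installations, each with its own patch level. The following is an added example, not part of the report or of Microsoft's tooling: it parses legacy `java -version` banners (the `1.6.0_26` style) into comparable tuples and flags each install that is below a per-family minimum or belongs to a family with no acceptable patch level. The inventory and the baseline update numbers are constructed placeholders; in practice the baseline comes from the vendor's current advisories.

```python
import re

# Matches the first line of `java -version` output, e.g. java version "1.6.0_26".
# Groups: major, minor, patch and the optional update number after the underscore.
JAVA_VERSION_RE = re.compile(r'(?:java|openjdk) version "(\d+)\.(\d+)\.(\d+)(?:_(\d+))?')

def parse_java_version(banner):
    """Turn a `java -version` banner into a comparable tuple (major, minor, patch, update).

    Legacy Java version strings look like 1.6.0_26: family 1.6, update 26.
    Raises ValueError when the line is not a Java version banner.
    """
    m = JAVA_VERSION_RE.search(banner)
    if m is None:
        raise ValueError("not a java -version banner: %r" % banner)
    major, minor, patch, update = m.groups()
    return (int(major), int(minor), int(patch), int(update or 0))

def fmt_version(v):
    """Render a version tuple back in Java's 1.x.y_uu notation."""
    return "%d.%d.%d_%02d" % v

def find_outdated(installs, baseline):
    """Return [(path, version_tuple, reason)] for every install that needs attention.

    installs: {path: banner line} for each Java binary found on the host.
    baseline: {(major, minor): minimum acceptable version tuple}; a family missing
              from baseline is reported as unsupported, since no patch level is acceptable.
    """
    findings = []
    for path, banner in sorted(installs.items()):
        version = parse_java_version(banner)
        minimum = baseline.get(version[:2])
        if minimum is None:
            findings.append((path, version, "unsupported family, no current patch baseline"))
        elif version < minimum:
            findings.append((path, version, "below baseline %s" % fmt_version(minimum)))
    return findings

# Constructed inventory of a mixed host with several Java copies, as the report warns about.
SAMPLE_INSTALLS = {
    "/opt/jdk1.5.0_22/bin/java": 'java version "1.5.0_22"',
    "/opt/jdk1.6.0_20/bin/java": 'java version "1.6.0_20"',
    "/usr/lib/jvm/java-6-openjdk/bin/java": 'java version "1.6.0_26"',
    "C:\\Program Files\\Java\\jre7\\bin\\java.exe": 'java version "1.7.0_01"',
}
# Placeholder baseline (assumed values): substitute the vendor's current update numbers.
SAMPLE_BASELINE = {(1, 6): (1, 6, 0, 26), (1, 7): (1, 7, 0, 1)}

if __name__ == "__main__":
    for path, version, reason in find_outdated(SAMPLE_INSTALLS, SAMPLE_BASELINE):
        print("%-45s %-10s %s" % (path, fmt_version(version), reason))
```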