Oracle Java surpasses Adobe Reader as the most frequently exploited software

According to the recently published Kaspersky Security Bulletin 2012, Oracle Java was the most frequently exploited software by cybercriminals during the year, with Adobe Reader and Adobe Flash Player ranking in the second and third places, respectively.

Exploiting vulnerabilities is one of the primary methods used by cybercriminals to install malware on victims’ computers. Cybercriminals exploit applications or software that have un-patched security vulnerabilities, which exist because either the individual or business have failed to patch their vulnerable applications with the latest security updates from vendors.

Exploit packs – or malicious programs that try to infect a computer utilizing various vulnerabilities in popular software – are the main tool behind web-based attacks.

2012: The year of Java vulnerabilities

2012 introduced a number of significant changes in terms of vulnerabilities in popular software. In 2011 the most frequently exploited application was Adobe Reader, which was responsible for 35% of all exploit-related incidents. Java occupied the second place with 25%, and versions of Microsoft Windows accounted for 11% of exploit-related incidents.

In 2012 cybercriminals switched their primary focus to Java. While Adobe Reader was attacked in 28% of security incidents involving vulnerability exploits, Java security holes were responsible for 50% of attacks. Windows components and Internet Explorer were only exploited in only 3% of incidents.

Although Adobe Reader ranked second among applications containing the largest number of vulnerabilities containing web-based exploits in 2012, it should be noted that Adobe has focused more on addressing the problem of vulnerabilities in the latest versions of Adobe Reader. In particular, new measures such as Adobe Sandbox were implemented to make the application more resilient to exploits. These measures make it much harder to create effective exploits for the software.