Java Continues to be Hackers' Darling
Java Continues to be Hackers' Darling
Posted 11/30/2011 at 5:10am
| by Pulkit Chandna
5
Comments
Print
Java’s ubiquity combined with its propensity to stay out of date on a large chunk of its install base makes it an ideal target for hackers. This is enough to ensure that whenever the subject of third-party software vulnerabilities crops up for discussion Java is somewhere at the top of the ensuing list of those most vulnerable. According to the latest volume of Microsoft’s Security Intelligence Report, Java was responsible for the largest number of attacks in the first half of 2011.
During this period, attackers mounted millions of attacks to exploit the large number of vulnerabilities present in Java Runtime Environment (JRE), Java Virtual Machine (JVM), and Java SE in the Java Development Kit (JDK). If we go back even further to the start of the the third quarter of 2010, Microsoft’s antimalware technologies came face to face with as many as 27 million attacks targeting Java vulnerabilities from then to the end of the second quarter of 2011. That leaves us with a quarterly average as high as 6.9 million during that one year period.
“Many of the more commonly exploited Java vulnerabilities are several years old, and have had security updates available for them for years,” wrote Tim Rains, a director at Microsoft's Trustworthy Computing Group, in a blog post Tuesday. “This illustrates that once attackers develop or buy the capability to exploit a vulnerability, they continue to use the exploit for years, presumably because they continue to get a positive return on investment.”
More like this
5
Comments
Comments are closed on this article
MrHasselblad
November 30, 2011 at 5:51am
Please borrow my idea to help your readers... Could you please expand this article to help those of all (computer) skill levels in showing them how to... Basically turn off and/or delete Java from their computers; also by possibly deleting port access?
I'm quite suprised at how Java issues are able to bypass both most physical firewalls and also software barriers. It's getting so bad with Java; I'll bet a replacement comes out for it and bypasses Java computer figures next year.
blkpanthr
November 30, 2011 at 8:20am
If anyone on this site doesnt know how to do this, they are reading the wrong magazine..
MrHasselblad
November 30, 2011 at 8:45am
I wish I could tell you how many people with flagship gaming computers still can't do elementary tasks such as even; defrag, restore points. or even setting up WiFi properly. But then again it's almost like how the average american isn't even capable of changing their oil in their own car - go figure.
blkpanthr
November 30, 2011 at 11:52am
very true...
but bear iin mind this isnt a gaming mag, its a tech mag catering to people who love high-end pcs, which happen to be mostly gaming PCS.....
Connect with MaximumPC
Featured Content
The gang discusses the GTX 690, Trinity, Ivy Bridge, Amazon, big-box stores, MMOs,...
This month's issue
Feature
Build a PC On Any Budget
Feature
Cloud Services Showdown
How-To
Encrypt Your External Drive
Build It
Upgrade an X58 Rig
Most Commented Articles
Latest Max PC Tweets
- maximumpc: Original RickRoll Video Returns to YouTube After 24-Hour Copyright Hiatus http://t.co/MaH9Sxyy1 day 16 hours ago
- maximumpc: Corsair has decided not to go forward with its $78 million IPO, citing weak equity market conditions http://t.co/A5a4DAzj1 day 16 hours ago
- maximumpc: Want to work at Maximum PC? Our Online Managing Editor, Alex, is moving away, so we need a new one. http://t.co/9Z7JCh0E3 days 13 hours ago
