Microsoft warns of "unprecedented" Java attacks

by Nicole Kobie  |  Wednesday 20 October 2010
Microsoft warns of "unprecedented" Java attacks

Java attacks have jumped from half a million to over six million in just a few months

Java attacks have jumped by more than 1,200% in only a few months, according to Microsoft.

The number of attacks jumped from fewer than half a million in Q2 this year to well over six million in Q3, according to data from Microsoft.

Holly Stewart, a researcher at the Microsoft Malware Protection Center, revealed that attacks on vulnerable Java code - not those using JavaScript - had topped the total number of attacks using Adobe exploits.

"What I discovered was that some of our exploit 'malware' families were telling a scary story - an unprecedented wave of Java exploitation," Stewart said in a Microsoft blog post, with data showing 6,412,482 attacks against Java hitting 2,488,794 computers in the quarter.

She blamed the Java spike on three vulnerabilities, all of which have been patched for a while. "Java is ubiquitous, and, as was once true with browsers and document readers like Adobe Acrobat, people don't think to update it," she noted. "On top of that, Java is a technology that runs in the background to make more visible components work. How do you know if you have Java installed or if it's running?"

She advised users to install patches and deploy real-time security protection.

 

This article originally appeared at pcpro.co.uk

Related Articles

Source: Copyright © PC Pro, Dennis Publishing

See more about:  microsoft  |  warns
 
 
Comments: 3
lawrence_o
20 October 2010
 "not updated". Sure. Microsoft knows ALL about security risks due to "not updated" windows... She forgot to mention how many of the attempts were successful. Also, she forgot to mention how many attacks on .NET there are... Simply put, people attack ports that are open. Being left open by any service. This can be a .NET service, a JAVA service, any service basically... This is merely an attempt to denigrate the JAVA community in favor of their platform dependent, older and less robust and less functional .NET environment. Simple as that.


Comment made about the PC Authority article:
Microsoft warns of "unprecedented" Java attacks?
Java attacks have jumped from half a million to over six million in just a few months

What do you think? Join the discussion.
j876
27 October 2010
 The best protection against these sorts of vunerabilities is to update the Java runtime environment to check for updates at least once a month and make sure that the browser in use is the latest version and updated.

Java, by design, is platform independant it does not matter which OS you use. If the Java Virtual Machine is not updated regularly you only have to look at one infected web page that exploits vunurabilities in the virtual machine and your computer is compromised.

Java is developed by Sun Microsystems not Microsoft and like Adobe software as a user you have to go direct to the source www.java.com for updates.
blockcentre
27 October 2010
lawrence_o wrote:
This is merely an attempt to denigrate the JAVA community


No, not the community, but I would think JAVA itself.
Comments have been disabled for this article.
Most Read Most Discussed

Latest Comments

Powered by Disqus

Latest Poll

Which side are you choosing in the new console wars?
or View results
The Xbox One
  17%
 
The PlayStation 4
  29%
 
A console? Good Lord no - PC for me thanks!
  54%
TOTAL VOTES: 1309

Vote now
View previous Polls »
Ads by Google

From our Partners

PC & Tech Authority Downloads