Kaspersky Lab announces that almost 32 million vulnerable applications and files were detected on users’ computers in Q3 of 2010. The ten most widespread vulnerabilities even included some for which vendors had distributed patches in the period 2007-2009.
Cybercriminals often use flaws in program code to gain access to data and resources on targeted computers. Malicious programs that are designed especially to take advantage of these vulnerabilities are called exploits and are increasingly widespread. They regularly dominate the Monthly Malware Statistics ratings compiled by Kaspersky Lab’s experts. The notorious Stuxnet worm, which exploits not one but four zero-day vulnerabilities in Windows, is yet another example of just how popular these programs are with cybercriminals.
“Previously, cybercriminals mainly targeted vulnerabilities in the MS Windows family of operating systems. However, over the last few years they have shifted their focus to include Adobe products such as Flash Player and Adobe Reader,” commented Vyacheslav Zakorzhevsky, Senior Virus Analyst at Kaspersky Lab and author of the article ‘Cybercrime Raiders’ devoted to the problem of exploits. “As a result, a new product called Adobe Updater was released to perform a function similar to that of Windows Update: the automatic download and installation of patches for programs installed on users’ computers. At present, Sun, whose Java engine also has vulnerabilities targeted by exploits, is also trying to resolve its update situation.”
Unfortunately, many users do not regularly update the software on their computers. This explains why exploits for patched vulnerabilities are still amongst the most widespread malicious programs detected on users’ computers.
In his article, Vyacheslav Zakorzhevsky strongly recommends users to do the following to avoid infections via vulnerable software: regularly check for software updates, install them as soon as they are released, manually if necessary, and do not click on unknown links or open emails that appear in your inbox if you do not know and trust the sender. In other words, follow the basic rules of computer security. Using browsers such as Google Chrome, Mozilla Firefox and Internet Explorer that come with inbuilt filters that block phishing and other malicious websites will also help reduce the risk of being infected.
The full version of the article ‘Cybercrime Raiders’ is available at www.securelist.com/en.