Programs containing vulnerabilities that are most often used by hackers

Posted: February 9, 2013 in Articles
Tags: , , ,

Kaspersky LabExperts of “Kaspersky Lab” analyzed programs containing vulnerabilities that are most often used by hackers to commit attacks on computers.

According to a published report, an average of one user account for 12 vulnerabilities in the software. All in all, it was discovered more than 132 million vulnerable applications. These and other figures and was able to identify trends in the study of data from 11 million computers in the composition of the cloud network Kaspersky Security Network, from January to December 2012.

Last year it was discovered 806 unique vulnerabilities. Only 37 of them were found in at least 10% of the computers for at least one week in the period of analysis. This sensitive software that can attract the attention of criminals. 37 These vulnerabilities have been found in 11 different groups of programs. The most vulnerable are the products Adobe Shockwave / Flash Player, Apple iTunes / QuickTime and Oracle Java.

Kaspersky Lab report

Distribution of vulnerabilities on software group. (For each group shows the number of prevalent vulnerabilities, as well as the time when vulnerabilities are discovered)

In the study, it became clear that even when the software maker is making every effort to detect security breaches and timely updates are released, hackers exploited a known vulnerability in millions of computers can be closure for several months after was discovered and corrected. There vulnerable software and which are still on the computer and in a few years after the discovery and correction.

“The most alarming conclusion from this study is that users of the three most vulnerable applications (Java, Flash Player and Adobe Reader) are extremely reluctant to move to new, safer version – says expert Kaspersky Lab, Head of Vulnerability Research Vyacheslav Zakorzhevsky. – For further study using Oracle Java becomes clear just how serious the situation: seven weeks after the release of a new version of the update, do at least 30% of users, despite the real threat of data theft. To achieve the same level users to install new updates are the most popular web browsers need only 5-7 days. “

That the user can freely choose any program requiring special precautions.

“Kaspersky Lab” gives a few recommendations:

– Updates for new versions of installed software and uninstall programs you do not use. Pay special attention to programs Oracle Java, Adobe Flash Player and Adobe Reader – Vulnerability in these programs are used most often;

– Do not think that if you use a computer Apple, you are automatically protected against vulnerabilities. Unfortunately, the threats most often work on multiple platforms at once. For example, the notorious botnet Flashfake exploit vulnerabilities in Java.

The same applies to the platform Linux:

– Although attackers attacked her less, it can become an entry point for an attack on the target company;

– Always use protective software: for the most recent versions of all programs do not protect you against the latest exploits, exploit vulnerabilities “zero day”. “Kaspersky Lab” offers a new technology designed to detect and block even new and unknown exploits, called Automatic Exploit Prevention.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s