Top 5 Stories


Hackers continue to exploit outdated browser plug-ins

07 March 2012

Outdated browser plug-ins continue to be a leading attack vector, according to a recent Zscaler ThreatLabZ report.

Zscaler ThreatLabZ, the research arm of cloud security firm Zscaler, observed that Adobe Shockwave was the most outdated browser plug-in during the third quarter of 2011, with 94% of those installed being outdated.

According to its most recent '2011 State of the Web' report, there was a dramatic shift in the fourth quarter. Shockwave is down to 52% outdated of all installed, and Adobe Reader now tops the list at 61%. Hackers are aware that large amounts of users continue to run outdated plug-ins and use these as an easy attack vector, the report warned.

Botnets comprised the majority of threats seen in December, at 80% of Zscaler blocks. Malicious URLs followed far behind at 14%, while a mere 3% of threats blocked were identified by anti-virus/signature detection.

The report found that enterprises are moving to the more secure Internet Explorer 8. The use of IE 8 has more than doubled in the enterprise over 2011, from 26% of overall IE traffic in January to 55% in December. The report noted that while enterprises are moving to newer and more secure web browsers, IE 9 adoption remains very low.

Overall, IE use in the enterprise followed a slow decline, down to 53% in the fourth quarter from 58% in the third quarter. Meanwhile, Chrome usage saw a big jump from 0.17% of all web browser use in the third quarter to 5% in the fourth quarter, while Safari saw a decline from 7% in third quarter to 4% in the fourth quarter. Firefox usage remained constant at 10%.

In addition, Zscaler ThreatLabZ observed an 85% increase in mobile traffic during the fourth quarter. iPhone and Android devices dominated mobile traffic, accounting for about 87% of such, while Blackberry use fell sharply from 27% to 13% over the quarter.

This article is featured in:
Application Security  •  Internet and Network Security  •  Malware and Hardware Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×