Ignoring Java updates is a top security risk, warns G Data

A Java exploit has replaced exploits of PDF file weaknesses to become the most common threat, according to G Data SecurityLabs.

Increased efforts by suppliers of PDF readers to keep their products updated and greater awareness by users has helped reduced these exploits.

But Java vulnerabilities offer cyber criminals a lot of potential on the technical side, said researchers, and the development and distribution of malicious code is considerably easier than other methods of infecting a system.

Topping the list is Java.Trojan.Exploit.Bytverify.N, which exploits a security hole in Java's byte code verifier.

Using this exploit allows the execution of malicious code which could enable an attacker to gain control over a victim's system.

This trojan is typically found on hacked websites, where it attempts to infect PCs through drive-by download through a manipulated Java applet, researchers said.

Just visiting an infected website with an unprotected computer will be enough to infect a system, said Ralf Benzmüller, head of G Data SecurityLabs.

"We have noticed an increasing amount of attacks based on security holes in Java," he said. "Users who do not keep their installed version of Java updated are especially at risk."

Every available software update and security patch should be installed as quickly as possible to close any security holes, said Benzmüller.

Researchers said malware that uses JavaScript vulnerabilities, such as "JS:Downloader" in the sixth spot, is also extremely active at the moment and is constantly being developed by malware authors.

As of October 2010, three variants of this trojan have made it into G Data's malware Top 10.

This story was first published by Computer Weekly

What’s Hot on Infosecurity Magazine?