As a result of its findings, the IT security specialist Kaspersky advises PC users to patch regularly to avoid cybercriminal attempts to exploit the latest software vulnerabilities.
In parallel with the Internet Explorer exploit(s), Kaspersky logged the now infamous trojan downloader, Gumblar, as hitting the charts and remaining the most prolific malware program on the global threat landscape.
According to the March statistics, the IT threat landscape evolved significantly during the month, with new programs accounting for more than half of the security vendor's top 20 ranking of malicious programs detected on the internet, and trojan variants continuing to dominate.
However, the biggest event during the month was the Internet Explorer vulnerability issue, with the publishing of what Kaspersky calls "a rather detailed description of a vulnerability that was found to exist in versions 6 and 7 of Microsoft's popular web browser."
This, says the firm's research division, in turn led to the exploit becoming extremely widely used by cybercriminals.
In fact, two variants of the exploit – Exploit.JS.CVE-2010-0806.i and Exploit.JS.CVE-2010-0806.b – wove their way into second and tenth place, respectively, accounting for 199 484 attempted downloads during March 2010.
The veteran IT security firm warns that, although software vendors typically patch such vulnerabilities quickly, too many computer users are still not installing these patches in time.
The epidemic being caused by the trojan downloader program Gumblar – for example, Trojan-Downloader.JS.Gumblar.x – remained at the top of the chart, whilst a new updated variant was reported, detected as HEUR:Trojan-Downloader.Script.Generic.
Kaspersky says it also identified that cybercriminals are increasingly taking advantage of user gullibility and naivety. The most common malware of this kind used by the cybercriminals in March included rogue antivirus solutions and ransomware.