Rap Sheets on Top Software Vendors
A new online resource aims to make it easier to gauge the relative security risk of using different types of popular software, such as Web browsers and media players.
A new online resource aims to make it easier to gauge the relative security risk of using different types of popular software, such as Web browsers and media players.
I have long urged readers who have no need for Java to remove the program, because failing to keep this software updated with the latest security patches exposes users to dangerous, ubiquitous attacks. In this blog post, I’ll show readers how attacks against Java vulnerabilities have fast emerged as the top moneymaker for authors of the best-selling “exploit kits,” commercial software designed to be stitched into hacked or malicious sites to exploit a variety of Web-browser vulnerabilities.
Take one look at the newest kit on the block – “Blackhole” — and it is plain that Java vulnerabilities continue to be give attackers the most mileage and profit, and have surpassed Adobe flaws as the most successful exploit vehicles.