November 29th, 2011, 20:32 PM
Hackers launch millions of Java exploits, says Microsoft
Hackers continue to launch attacks exploiting vulnerabilities in Oracle's Java software in record numbers, Microsoft said Monday.
Citing research from a recent report, Tim Rains, a director in the company's Trustworthy Computing group, said that up to half of all attacks detected and blocked by Microsoft's security software over a 12-month period were Java exploits.
Altogether, Microsoft stopped more than 27 million Java exploits from mid-2010 through mid-2011.
Most of those exploits targeted long-ago-patched vulnerabilities, said Rains.
The most commonly-blocked Java attacks -- to the tune of over 2.5 million of them -- in the first half of 2011 exploited a bug disclosed in March 2010 and patched by Oracle the same month. Second on the popularity chart for the full 12-month stretch was an exploit of a bug patched in early December 2008, nearly three years ago.
Other bugs that made the actively-exploited list were quashed in November 2009 and March 2010.
Full story: Computerworld