Hackers continue to launch attacks exploiting vulnerabilities in Oracle's Java software in record numbers, Microsoft said Monday.

Citing research from a recent report, Tim Rains, a director in the company's Trustworthy Computing group, said that up to half of all attacks detected and blocked by Microsoft's security software over a 12-month period were Java exploits.

Altogether, Microsoft stopped more than 27 million Java exploits from mid-2010 through mid-2011.

Most of those exploits targeted long-ago-patched vulnerabilities, said Rains.

The most commonly-blocked Java attacks -- to the tune of over 2.5 million of them -- in the first half of 2011 exploited a bug disclosed in March 2010 and patched by Oracle the same month. Second on the popularity chart for the full 12-month stretch was an exploit of a bug patched in early December 2008, nearly three years ago.

Other bugs that made the actively-exploited list were quashed in November 2009 and March 2010.

Full story: Computerworld