Russian-based cyber security company, Kaspersky Labs the developers of Kaspersky Internet Security and other security software, has released its latest IT Threat Evolution Report. Some new and interesting findings have been revealed in the regular quarterly report.
The report after taking into account top 10 vulnerabilities and IT threats suggested Java vulnerabilities (Oracle Java Multiple and Oracle Java Three) continue to be the favorite of cyber punks, accounting for 35% and 21.7% of affected computers respectively. The list of top 10, apart from Java includes five Adobe products (Adobe Flash, Adobe Reader, Adobe Acrobat, etc) and two Apple products (QuickTime player and iTunes).
Apple’s QuickTime and iTunes occupy sixth and seventh place, with vulnerabilities showing up on 13.8 percent and 11.7 percent of computers respectively.
Besides, there is also the popular Nullsoft Winamp Media Player featuring in the vulnerabilities list.
Kaspersky Lab have compiled a complete list of top 10 vulnerabilities rated as highly/extremely critical has been highlighted below
- Oracle Java Multiple Vulnerabilities: DoS-attack (Gain access to a system and execute arbitrary code with local user privileges) and Cross-Site Scripting (Gain access to sensitive data). Highly Critical.
- Oracle Java Three Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Extremely Critical.
- Adobe Flash Player Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Gain access to sensitive data. Highly Critical.
- Adobe Flash Player Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Bypass security systems. Highly Critical.
- Adobe Reader/Acrobat Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Extremely Critical.
- Apple QuickTime Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Highly Critical.
- Apple iTunes Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Highly Critical.
- Winamp AVI / IT File Processing Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Highly Critical.
- Adobe Shockwave Player Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Highly Critical.
- Adobe Flash Player Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Bypass security systems. Gain access to sensitive data. Extremely Critical.
What may be interesting to many is that Microsoft products no longer feature among the Top 10 products with vulnerabilities, all thanks to the continuous automatic update mechanism, developed in the most recent version of Windows.
This is one list Microsoft should feel good about not making it to! The software giant has been taking every possible effort to fight and keep its software resistant to vulnerabilities.