The ZDNet Zero Day blog reports that Microsoft’s (MSFT) recently released Security Intelligence Report identified socially engineered malware (scareware pop-ups; blackhat search engine optimization attacks) enticing users into downloading and executing a malicious file as the most used malware propagation tactic.
Based on a sample of 600 million systems worldwide, MSFT research ranks AutoRun USB infection as the second most used malware propagation tactic, according to Zero Day. Microsoft disabled AutoRun by default on Windows XP and Vista in February to prevent malware infections. The results, at least according to Microsoft, have indicated a significant decline in malware using AutoRun as a spreading mechanism.
The report also points out that zero-day flaws do not necessarily represent a driving force in the growth of malicious attacks or cybercrime in general according to the ZDNet blog. More propagation tactics:
- User Interaction required – 44.8%
- Au
toRun USB – 26% - AutoRun: Network – 17.2%
- File Infector – 4.4%
- Exploit: Update Long Available – 3.2%
- Exploit: Update Available – 2.4%
- Password Brute Force – 1.4%
- Office Macros – 0.3%
- Exploit: Zero Day – 0%
Zero Day points out that Microsoft is missing malware that spreads without user interaction, namely through the exploitation of client-side vulnerabilities in third-party software and browser plugins. The MSFT report says attackers regularly exploit client-side Java. Java exploits were responsible for between one-third and one-half of all exploits observed in the four most recent quarters including:
Oracle (ORCL) (formerly Sun) Java Runtime Environment (JRE),- Java Virtual Machine (JVM)
- Java SE in the Java Development Kit (JDK)
rb-
I wrote about the problems with old versions of Java and JavaRa which can delete all the old unnecessary files java leaves on your hard drive everything Sun Oracle plugs some more holes in their app.
Related articles
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.