Kaspersky Q3 2012 Malware Report – Oracle and Adobe Warnings

Kaspersky’s latest Q3 2012 malware report makes bad reading for Adobe and Oracle but is welcome news for Microsoft – for only the second time in the report’s history (first time was Q2 2011), the top 10 vulnerabilities (to viruses and malware) did not contain any entries from Microsoft.

This was thought to be due to improvements in automatic updates and the continued growth of Windows 7. The top 10 most common vulnerabilities include products from just 4 companies: Adobe (Flash Player, Shockwave Player and Reader), Oracle (Java), Apple (iTunes and Quicktime) and Nullsoft (Winamp).

All 10 vulnerabilities were classified as Highly/Extremely Critical i.e. allow cybercriminals to gain full control of the system using exploits. Three of the vulnerabilities enable attackers to gain access to sensitive data whilst others enable attackers to manipulate data and conduct Denial of Service and cross-site scripting attacks. The key points include:

  • Java vulnerabilities were exploited in more than 50% of all attacks.
  • 5 out of the top 10 vulnerabilities were in Adobe products.
  • Local infection levels in the US, UK, Canada and Australia are in the lowest risk group i.e. less than 21% of unique users subject to web attacks.
  • Local infection levels in India remain in the highest risk group of countries with 63% of unique users subject to web attacks.
  • Just 10 countries worldwide host 86% of the web resources used to spread malware – Russia (23.2%) has overtaken US (20.3%) as the ‘leader’ in hosting malicious content.
  • Browsing websites remains the riskiest activity on the internet – malicious websites were responsible for nearly 90% of detected infections by malware.
  • The Android versions most commonly targeted by malware are 4.0.4 Ice Cream Sandwich and 2.3.6 Gingerbread with ICS being (proportionally) by far the worst affected – in 43% of all Android malware cases, the victims had ICS – even though it is only installed on 23.7% of Androids.

The full list of the top 10 vulnerabilities and the respective company is:

1. and 2. Oracle – Java
3. and 4. Adobe – Flash Player
5. Adobe – Reader
6. Apple – Quick Time
7. Apple – iTunes
8. Nullsoft – Winamp
9. Adobe – Shockwave Player
10. Adobe – Flash Player


Steps To Take

1. Consider uninstalling Java completely if you don’t really need it – only about 0.2% of websites still require it.

2. Keep Adobe Reader updated – the latest version XI adds enhanced security. Or consider switching from Adobe Reader to a free PDF alternative.

3. Keep Adobe Flash Player updated – newer versions add security features and the option to enable automatic updates.

4. Consider uninstalling Shockwave Player if you do not use it – although it is still used by some multimedia/games sites they are increasingly rare. If in doubt, try disabling Shockwave Player in your browser for a few weeks and see if any sites require it. If not, uninstall it and you will never have to worry about future updates or security risks from Shockwave again.

5. See our guide on the best antivirus software – a poorly performing or free product may be a false economy.

6. Follow our advice on how to avoid virus infections.

[The full Kaspersky malware report is available at Securelist here]