Exploit kits on rise as Java attacks fall

Hackers are increasingly making use of exploit kits to attack computers, according to a report from the software vendor Microsoft.

Around 2.5% of the firm’s real-time security products encountered exploit kits or other HTML and JavaScript exploits during the second quarter of this year, making it the most common category of attack.

"Exploit kits are collections of exploits bundled together and sold as commercial software or as a service," Microsoft said."Prospective attackers buy or rent exploit kits on malicious hacker forums and through other illegitimate outlets."

Overall, exploit kits accounted for half of the top 10 most commonly encountered exploits during the first half of the year.

Java exploits were detected by less than a percentage of Microsoft antimalware products, while Adobe Flash Player, Browser and document exploits were detected by around 0.1% of machines.

"A typical kit contains a collection of webpages that contain exploits for several vulnerabilities in popular web browsers and browser add-ons," Microsoft added.

"When the attacker installs the kit on a malicious or compromised web server, visitors who don’t have the appropriate security updates installed are at risk of infection through drive-by download attacks."

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing