Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Over 30 million vulnerabilities detected on users’ computers

October 2010 Information Security, News & Events

Kaspersky Lab announces that almost 32 million vulnerable applications and files were detected on users’ computers in Q3 of 2010. The 10 most widespread vulnerabilities even included some for which vendors had distributed patches in the period 2007 to 2009.

Cybercriminals often use flaws in program code to gain access to data and resources on targeted computers. Malicious programs that are designed especially to take advantage of these vulnerabilities are called exploits and are increasingly widespread. They regularly dominate the Monthly Malware Statistics ratings compiled by Kaspersky Lab’s experts. The notorious Stuxnet worm, which exploits not one but four zero-day vulnerabilities in Windows, is yet another example of just how popular these programs are with cybercriminals.

“Previously, cybercriminals mainly targeted vulnerabilities in the MS Windows family of operating systems. However, over the last few years they have shifted their focus to include Adobe products such as Flash Player and Adobe Reader,” commented Vyacheslav Zakorzhevsky, senior virus analyst at Kaspersky Lab and author of the article ‘Cybercrime Raiders’ devoted to the problem of exploits. “As a result, a new product called Adobe Updater was released to perform a function similar to that of Windows Update: the automatic download and installation of patches for programs installed on users’ computers. At present, Sun, whose Java engine also has vulnerabilities targeted by exploits, is also trying to resolve its update situation.”

Unfortunately, many users do not regularly update the software on their computers. This explains why exploits for patched vulnerabilities are still amongst the most widespread malicious programs detected on users’ computers.

In his article, Vyacheslav Zakorzhevsky strongly recommends users to do the following to avoid infections via vulnerable software: regularly check for software updates, install them as soon as they are released, manually if necessary, and do not click on unknown links or open e-mails that appear in your inbox if you do not know and trust the sender. In other words, follow the basic rules of computer security. Using browsers such as Google Chrome, Mozilla Firefox and Internet Explorer that come with inbuilt filters that block phishing and other malicious websites will also help reduce the risk of being infected.

The full version of the article ‘Cybercrime Raiders’ is available at www.securelist.com





Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

The impact of AI on security
Technews Publishing Information Security AI & Data Analytics
Today’s threat actors have moved away from signature-based attacks that legacy antivirus software can detect, to ‘living-off-the-land’ using legitimate system tools to move laterally through networks. This is where AI has a critical role to play.

Read more...
Workflow and asset management solutions
Asset Management News & Events
Zamatrack’s innovative workflow and asset management solutions feature the Worxit platform. This all-in-one solution allows businesses to streamline operations with real-time tracking, GPS data, and custom reports.

Read more...
SAQCC Gas awareness
Associations News & Events
SAQCC Gas will raise awareness within the gas industry by emphasising the importance of using registered gas practitioners and getting a Certificate of Compliance (CoC) for all your gas systems.

Read more...
Managed security solutions for organisations of all sizes
Information Security
Cyberattackers have become significantly more sophisticated and determined, targeting businesses of all sizes. PwC’s Global Digital Trust Insights Survey 2025 Africa and South Africa highlights the urgent need for organisations to implement robust cyber risk mitigation strategies.

Read more...
Multiple IoT devices targeted
Information Security Residential Estate (Industry)
Mirai remains one of the top threats to IoT in 2025 due to widespread exploitation of weak login credentials and unpatched vulnerabilities, enabling large-scale botnets for DDoS attacks, data theft and other malicious activities.

Read more...
Fire safety in focus
Securex South Africa Fire & Safety News & Events
Firexpo Cape Town visitors will not only compare technologies side-by-side, but also connect with suppliers and experts who understand both the region’s regulatory framework and its unique environmental risks.

Read more...
Local-first data security is South Africa's new digital fortress
Infrastructure Information Security
With many global conversations taking place about data security and privacy, a distinct and powerful message is emerging from South Africa: the critical importance of a 'local first' approach to data security.

Read more...
Sophos launches advisory services to deliver proactive cybersecurity resilience
Information Security News & Events
Sophos has launched a suite of penetration testing and application security services, designed to identify gaps in organisations’ security programs, which is informed by Sophos X-Ops Threat Intelligence and delivered by world-class experts.

Read more...
Kaspersky highlights biometric and signature risks
Information Security News & Events
AI has elevated phishing into a highly personalised threat. Large language models enable attackers to craft convincing emails, messages and websites that mimic legitimate sources, eliminating grammatical errors that once exposed scams.

Read more...
Keenfinity launches Radionix as new intrusion brand
Perimeter Security, Alarms & Intruder Detection News & Events
Keenfinity Group’s Intrusion & Access Business Unit has launched Radionix as its new brand for intrusion alarm systems, unlocking new potential and growth opportunities.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.