Please Login or Register

Adobe, Apple and Oracle Top ‘IT-Threats List’ for 2012

Windows nowhere to be found

Could it be that the automatic updates feature in recent versions of Windows are actually making the OS safer? Perhaps so. The most recent round-up of the IT-threats landscape compiled by digital security firm Kaspersky Labs, shows that – for the first time – Windows products are safer than many of its competitors.

Topping the list for 2012 with the two most commonly found vulnerabilities were Oracle’s notorious Java products which were found on 35% and 21.7% of vulnerable computers respectively. The top ten list included five vulnerabilities found in Adobe products  – Adobe Reader (a very popular PDF document reader), Adobe Flash Reader and Adobe Shockwave player. Apple products, specifically Apple iTunes and Apple Quicktime player, feature on the list, as do the popular Nullsoft Winamp media player.

The following is the top ten list of the most popular vulnerabilities, with the number one spot being the most wide-spread vulnerability:

  1. Oracle Java Multiple Vulnerabilities: DoS-attack (Gain access to a system and execute arbitrary code with local user privileges) and Cross-Site Scripting (Gain access to sensitive data). Highly Critical. (35%)
  2. Oracle Java Three Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Extremely Critical. (21.7%)
  3. Adobe Flash Player Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Gain access to sensitive data. Highly Critical. (19%)
  4. Adobe Flash Player Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Bypass security systems. Highly Critical. (18.8%)
  5. Adobe Reader/Acrobat Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Extremely Critical. (14.7%)
  6. Apple QuickTime Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Highly Critical. (13.8%)
  7. Apple iTunes Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Highly Critical. (11.7%)
  8. Winamp AVI / IT File Processing Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Highly Critical. (10.9%)
  9. Adobe Shockwave Player Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Highly Critical. (10.8%)
  10. Adobe Flash Player Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Bypass security systems. Gain access to sensitive data. Extremely Critical. (9.7%)

 

Flash is mentioned three times on the list because it has three different (and popular) vulnerabilities. The graph below shows Adobe has the most products in the top 10.

adobe flash reader shockwave oracle java apple quicktime itunes winamp

Vendors of products with the Top 10 vulnerabilities, Q3 2012

 

 

 

 

 

 

 

Threat geography also produced unexpected results with Tajikistan knocking off Russia as the country where users faced the greatest risk of infection via the internet. The safest surfing was in Japan, where only 13.6% of users risked online infection.

 

IT threats 2012 countries

The risk of online infection around the world in 2012