Hackers and cyber criminals have been exploiting bugs in popular software like java and adobe in order to succeed in their motive. Since last year, its been relatively seen that hackers are much focused on java exploits and actively exploiting them in the wild. We have seen how Drive-by-download and a new variant it i.e. Drive-by-cache were used by cyber criminals. This active report was revealed by the software giant Microsoft.
In Microsoft’s latest security intelligence report, the firm revealed that in the third quarter of 2010 the number of Java attacks increased to fourteen times the number of attacks it saw in the previous quarter.Hackers focused on two particular exploits in the Oracle (previously Sun) Java virtual machine (JVM) engine for executing Java programs, accounting for 85 per cent of Javascript attacks. These attacks actively bypassed protection measures. HTML and scripting exploits, browser plugin exploits etc were the main stream of the attacks. Most of the exploits observed involvement of malicious HTML Iframes that surreptitiously open pages hosting malicious code in users’ web browsers.
The point that would surprise readers is that adobe’s product exploitation went down as compared to java as detailed in the report that was released at the end of last year. Its seems quite interesting how adobe came down in the list, where we see hackers actively exploiting Adobe products. May be its due to the attack vectors that java exploits are being used more in comparison to adobe exploits.We are actively seeing java exploits being used in day-to-day attacks. We advice our readers to update their products and be vigilant. After all there is no patch for human stupidity! 
