Java Attacks Jump as User Patching Lags: Kaspersky Lab
Security Week, By Brian Prince
A new study by researchers with Kaspersky Lab found that the number of attacks on their customers exploiting Java reached more than 14 million between September 2012 and August 2013.
The situation may be exacerbated by many users not keeping up to date with patches. According to Kaspersky Lab, of the 161 vulnerabilities detected in various versions of Java during the life of the study, most were in versions 1.5, 1.6 and 1.7, which are the most prevalent versions of the software.
"Remarkably, SE 6 U37 — released back in October 2012 — was the most recent version of Java 1.6 in the Top 10 most commonly used versions," according to the report. "The conclusions are obvious: one and a half months after the release of the latest version of Java, most users are still working with vulnerable versions." Read more.