For corporate users, exploits – malicious programs that utilize
vulnerabilities in legitimate software to penetrate a computer – are dangerous because
an attack on company computers can disrupt business processes and lead to huge
losses – both financial and reputational. The use of exploits drastically
increases the efficiency of targeted cyber-attacks on organizations. One recent
example is the Careto malware which
affected at least 380 public and private targets worldwide. Protecting
corporate clients becomes more difficult when companies have to use software
that is only compatible with older – and consequently more vulnerable – versions
of Java, for which the majority of exploits are written today.
As such, MRG Effitas investigated the level of anti-exploit protection of
six corporate products from different vendors. MRG Effitas selected 110
malicious links containing exploits to test the products; the vast majority
(98) of which targeted the Java platform which has seen an increase in exploits over the last two years. Kaspersky Endpoint Security for
Business was not only tested as an integrated product, but its Automatic Exploit Prevention module,
used in all Kaspersky Lab protection solutions, was also tested in isolation
from all other protection mechanisms.
The testing was divided into two stages. The first stage determined the
percentage of exploits blocked at an early phase, before the malicious code started
its destructive activity. The second stage was less stringent and the security
solution was awarded a “pass” even if it failed to block the initial exploit
but managed to counter any malware it tried to load.
Kaspersky Endpoint Security for
Business demonstrated the best results in the first stage, blocking 98 percent of
exploits. Even when Automatic Exploit Prevention was tested in isolation,
without any other security features, the solution performed better than most of
the other participants and shared second place after blocking 95 percent of the
exploits. During the second stage, Kaspersky Endpoint Security for Business
blocked 100 percent of the threats; a result matched by only one other product.
Other participants scored no higher than 94 percent.
Testing was carried out on a 64-bit
version of Microsoft Windows 7 Enterprise SP1. Applications which were most
frequently targeted by exploits in the preceding year, such as Java 1.7, Adobe
Reader 9.3, Flash Player 10.1, Silverlight 5.1 and Internet Explorer 8.0, were
also installed on the test computers.
Oleg Ishanov, Director Anti-Malware Research
"To date, no serious cyber-attack targeting an organization can function
without exploits. Acting as secretly as possible, exploits seize control of the
computer and then run malicious code that unleashes the main part of the
attack. So it is much safer to block the exploit at the first stage, before it
can load malicious programs onto the computer. The MRG Effitas test
demonstrated that our Automatic Exploit Prevention technology can cope with
this task better than our competitors’ solutions, even when isolated from the
other security sub-systems in the product.”
Kaspersky Lab Kaspersky Lab is the world’s largest privately held vendor of endpoint
protection solutions. The company is ranked among the world’s top four vendors
of security solutions for endpoint users*. Throughout its more than 16-year
history Kaspersky Lab has remained an innovator in IT security and provides
effective digital security solutions for large enterprises, SMBs and consumers.
Kaspersky Lab, with its holding company registered in the United Kingdom,
currently operates in almost 200 countries and territories across the globe,
providing protection for over 300 million users worldwide. Learn more at www.kaspersky.com.
* The company was rated fourth in the IDC rating
Worldwide Endpoint Security Revenue by Vendor, 2011. The rating was published
in the IDC report "Worldwide Endpoint Security 2012–2016 Forecast and 2011
Vendor Shares (IDC #235930, July 2012). The report ranked software vendors
according to earnings from sales of endpoint security solutions in 2011.
For the latest in-depth information on security
threat issues and trends, please visit: