Nadradený pojem:
Java, PDF, and Silverlight
Description
Both Java and PDF Internet traffic experienced notable declines in 2016.
Silverlight traffic has already reached a level that is not worthwhile
for threat researchers to track regularly.
Java, once the dominant web attack vector, has seen its security posture improve significantly in recent years. Oracle’s decision in early 2016 to eliminate its Java browser plugin has helped to make Java a less attractive web attack vector. PDF attacks are also increasingly rare. For that reason, they can be easier to detect, which is why many adversaries now use this strategy less often.
However, as with Flash, cybercriminals still use Java, PDF, and Silverlight to exploit users. Individual users, enterprises, and security professionals must be aware of these potential roads to compromise. To reduce their risk of exposure to these threats, they must:
Java, once the dominant web attack vector, has seen its security posture improve significantly in recent years. Oracle’s decision in early 2016 to eliminate its Java browser plugin has helped to make Java a less attractive web attack vector. PDF attacks are also increasingly rare. For that reason, they can be easier to detect, which is why many adversaries now use this strategy less often.
However, as with Flash, cybercriminals still use Java, PDF, and Silverlight to exploit users. Individual users, enterprises, and security professionals must be aware of these potential roads to compromise. To reduce their risk of exposure to these threats, they must:
- Download patches
- Use up-to-date web technology
- Avoid web content that might present risk
Importance
High