Microsoft: Beware of 'Unprecendented Wave' of Java Attacks

Kara Reeder

According to Computerworld, Microsoft is warning of an "unprecedented wave" of attacks exploiting vulnerabilities in Oracle's Java software.


Microsoft's Malware Protection Center reports a rise in exploits of Java bugs from less than half a million in the first quarter of 2010 to more than 6 million in the third quarter. In a blog post, Holly Stewart, a senior program manager at the MMPC, calls the jump in Java attacks "scary" and says:

The spike in exploitation was surprising to say the least.

Stewart attributes the rise to attacks on three vulnerabilities, which have already been patched, reports TG Daily. In April, Oracle patched a critical Java bug reported by Google researcher Tavis Ormandy. Stewart says the problem is that people are not updating their machines:

Java is a technology that runs in the background to make more visible components work. How do you know if you have Java installed or if it's running?

Stewart says the problem may be worse than the issues Adobe faces:

In fact, by the beginning of this year, the number of Java exploits (and by that I mean attacks on vulnerable Java code, not attacks using JavaScript) had well surpassed the total number of Adobe-related exploits we monitored.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making


SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data