According to Computerworld, Microsoft is warning of an "unprecedented wave" of attacks exploiting vulnerabilities in Oracle's Java software.
Microsoft's Malware Protection Center reports a rise in exploits of Java bugs from less than half a million in the first quarter of 2010 to more than 6 million in the third quarter. In a blog post, Holly Stewart, a senior program manager at the MMPC, calls the jump in Java attacks "scary" and says:
The spike in exploitation was surprising to say the least.
Stewart attributes the rise to attacks on three vulnerabilities, which have already been patched, reports TG Daily. In April, Oracle patched a critical Java bug reported by Google researcher Tavis Ormandy. Stewart says the problem is that people are not updating their machines:
Java is a technology that runs in the background to make more visible components work. How do you know if you have Java installed or if it's running?
Stewart says the problem may be worse than the issues Adobe faces: