Internet Explorer vulnerabilities increase 100%
Posted on 23 July 2014.
Bromium Labs analyzed public vulnerabilities and exploits from the first six months of 2014. The research determined that Internet Explorer vulnerabilities have increased more than 100 percent since 2013, surpassing Java and Flash vulnerabilities.


Researchers established that:

Hackers increasingly target Internet Explorer – Analysis indicates that Microsoft Internet Explorer vulnerabilities have increased more than 100 percent since 2013, a trend underscored by a progressively shorter time to first patch for its past two releases.

Public JAVA zero-days decline – In 2013, Java led among vulnerabilities and public exploits, but this trend has reversed in 2014. In fact, in the first six months of 2014, there has not been a single public JAVA exploit.

Action Script Spray drives zero-day attacks – Both Internet Explorer and Flash zero-day attacks have leveraged Action Script Sprays, an emerging technique that bypasses address space layout randomization (ASLR) with a return-oriented program (ROP) chain.

“End users remain a primary concern for information security professionals because they are the most targeted and most susceptible to attacks” said Rahul Kashyap, chief security architect, Bromium. “Web browsers have always been a favorite avenue of attack, but we are now seeing that hackers are not only getting better at attacking Internet Explorer, they are doing it more frequently.”

The complete report is available here.





Spotlight

Whitepaper: Zero Trust approach to network security

Posted on 20 November 2014.  |  Zero Trust is an alternative security model that addresses the shortcomings of failing perimeter-centric strategies by removing the assumption of trust.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Nov 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //