Feb 04, 2013
If January is anything to go by, then 2013 should be another doozy of a year for malware-plagued businesses. The year started off with the exploitation of a previously unknown Java vulnerability -- a spot-on example of why malware attackers are so successful these days.
The assault put millions of Java users at risk, as in many recent malware attacks, by taking advantage of flaws in a popular client-side application. In this case, it was Java's browser plug-in. But attackers often target other plug-ins, such as Flash, and document applications like Word and Adobe Reader. The January Java attack used a zero-day exploit, in which previously unknown vulnerabilities are targeted. Zero-day exploits are effective because victims wouldn't have patched to block them or spotted them via antivirus signatures, the digital fingerprints of known malware variants used to blacklist malware.