Thursday, October 6, 2011

How Do Viruses Sneak Into Your Computer?

 Article first published as How Do Viruses Sneak Into Your Computer? on Technorati. - CC
When was the last time you updated Java, Adobe Reader, Flash or Internet Explorer? These four programs are responsible for 95% of malware infections on Windows computers.

Researchers at the Center for Strategic and International Studies  have monitored over a half million infections over the past three months, utilizing 50 different exploits distributed by 44 different servers. Most malware attempted several different exploitation techniques, searching for known bugs in unpatched software.

The results showed that the vast majority of vulnerabilities in Windows computers were in out-of-date third-party software. The worst offenders were Java, Adobe Reader, Adobe Flash and Internet Explorer.

More disturbing is a whopping 85% of infections were the result of 'drive-by' downloads. These slip into the machine by simply visiting a compromised website or viewing infected .pdf or flash files.

Unsurprisingly, Internet Explorer exploits continue to be common intrusion methods, accounting for 10% of infections, and two-thirds of other infections occurred while using IE.

But don't think your safe just because you are using Firefox, Chrome or Safari. One third of intrusions occurred while using one of these other popular browsers.
Windows XP users accounted for 41% of malware infections, with Vista not far behind at 38%. Windows 7 is better, but still accounts for 16% of exploited machines.

Using a secure browser can help, but the real vulnerabilities exist in add-on programs. Worst is unpatched Java, accounting for 37% of infections. Out-of-date Adobe Reader is not far behind at 32% and old versions of Flash are responsible for about 16%.

Fewer, but still significant numbers of users have been exploited through Quicktime (2%) and disturbingly, Windows Help & Support HCP (3%).

The most important statistic in the study was that almost all exploits (95%) were the result of running out of date versions of one of four specific  programs: Java, Adobe Reader, Adobe Flash or Internet Explorer.

So when was the last time you updated these commonly used browsers or plugins? If your not sure, here are links to their update sites:

Adobe Flash
Adobe Reader
Internet Explorer


1 comment: