While mass scattering internet worms were the most common form in order to spread malware around the turn of the millennium, the Web-based attacks in recent years become increasingly dominant.
Symantec came yesterday with the Internet Security Threat Report Volume XV. There are shows that four of the five most exploited vulnerabilities in 2009 were Web-related, meaning that they can be exploited via HTTP (Hypertext Transfer Protocol).
Most exploited the vulnerability of all was the "Microsoft Windows SMB2 '_Smb2ValidateProviderCallback ()' Remote Code Execution Vulnerability," which was discovered in September last year. A security fix was made available in October, but then attack code already in place in several commercial attack tools.
Looking at the Web-based attack isolation, amounted to malicious PDF files as much as 49 percent of the attacks. Given the many serious vulnerabilities that have been removed from the Adobe Reader and Acrobat in the past year, this is not so surprising.
Attacks form located on the second place for 2009, poses in all, 18 percent of the attacks. These exploits a weakness in Microsoft's browser called "Internet Explorer ADODB.Stream Object File Installation Weakness".
This is surprising, because the vulnerability has been known since August 2003. True, Microsoft did not come with a bug fix until July 2004, but still carried the massive attacks against the vulnerability, suggesting that a lot of different reasons, do not install security updates to Windows.
In 2008 this was the most common form of attack. 30 percent of the attacks made attempts to take advantage of this weakness. But even though the proportion has been reduced, the total amount of attacks has doubled from 2008 to 2009, so this old vulnerability still tried exploited at least as active as before.
