These 2 pieces of bad news could make a bad combination.
The first piece of bad news is the recent upswing in attacks on Oracle’s Java software. According to a Computerworld article published today, the past 9 months has seen a whopping increase in attacks, from ‘less than half a million in the first quarter of 2010 to more than 6 million in the third quarter.’ Much of the focus of these attacks has been on 3 vulnerabilities that were supposedly patched months, even years ago.
Java is a cross-platform program that can run on Windows, Macs and Linux, and is the most targeted software for drive-by malware. Many security experts are recommending that you uninstall Java if you don’t need it.
The second piece of bad news confirms the decline in effectiveness of consumer antivirus programs no it’s not just your imagination. Because of the increasing rate of malware attacks (both email such as in .exe files and web), AV vendors are having a hard time keeping up and adjusting to the new exploits.
NSS Labs, an independent research company, recently conducted tests comparing 11 consumer-based security suites including McAfee, Norton, Microsoft’s Security Essentials, ESET, and AVG, among others. The tests focused on client-side protection, i.e. the ability to block the download and execution of email containing malicious software programs in addition to detecting and blocking malicious websites.
Here are the so-called highlights of their report:
- Malware protection is far from commodity, with effectiveness ranging between 54% and 90%, a 36% spread
- Cybercriminals have between a 10% – 45% chance of getting past your AV with Web Malware (depending on the product)
- Cybercriminals have between 25% – 97% chance of compromising your machine using exploits (depending on the product)
Ouch!
This report is free and available to the public. Get it, read it, and do what you can to protect yourselves.
Leave a Comment