For centuries, a rite of passage for French gourmets has been the eating of the Ortolan. These tiny birds—captured alive, force-fed, then drowned in Armagnac—were roasted whole and eaten that way, bones and all, while the diner draped his head with a linen napkin to preserve the precious aromas and, some believe, to hide from God.
- Cybercrime is not driven by the use of zero-day flaws, but by the millions of people using the Internet with outdated software – It’s a simple fact that has so far contributed to the rise and rise of some of the most prolific botnets, and outdated flaws within popular applications remain the main vehicle for Zeus crimeware infections. Naturally, there are campaigns that rely exclusively on recently published flaws, but the window of opportunity those offer closes sooner than the combined window offered by all the outdated applications running on the same PC. It’s the cybercriminal’s mentality of traffic optimization for malicious purposes (see example: Money Mule Recruitment Campaign Serving Adobe/Client-Side Exploits) that offers the highest probability of infection.
- Microsoft OS/software-specific vulnerabilities are only a part of the drive-by exploits cocktail served by web malware exploitation kits – You would be surprised to know how many people are so obsessed with “Patch Tuesday” that they overlook the decent number of outdated browser plugins and third-party software installed on their PCs. The result? A false feeling of security, which, combined with an outdated situational awareness of how modern web malware exploitation kits work, leads to a successful drive-by attack. It shouldn’t come as a surprise that not only did malicious PDF files comprise 80 percent of all exploits for 2009, but the use of Microsoft Office files for targeted attacks is also declining. Two years ago, Microsoft in fact confirmed this trend – Microsoft: Third party apps killing our security.
Therefore, the increasing use of malicious PDFs can also be interpreted as the direct result of the millions of users using outdated and exploitable Adobe products, with the only preference a malicious attacker could have in this case being the incentive offered by the 99% penetration of Adobe Flash on Internet-enabled PCs. But how is it possible that, with such a high market share, ScanSafe’s report shows that Adobe Acrobat/Reader exploits grew while the use of Flash exploits declined?