Microsoft has issued a smaller report to summarize the mammoth 160-page bi-annual Security Intelligence Report (Volume 20), released at the start of May.
The company's security personnel sifted through the entire report and extracted ten key points that they believe will be this year's top cyber-security trends.
A rise in more severe vulnerabilities
Microsoft says that during the past three years, security bugs have not only grown in number but have also become more severe.
The company's experts say that in 2015, 41.8 percent of all vulnerability disclosures were rated severe, a trend that's bound to continue as more and more IoT devices are analyzed.
Java exploitation is dying
Microsoft says that crooks moved on from exploiting Java flaws. The reason behind this may be Oracle's addition of a security feature called Click2Play, which has made it very hard to exploit Java objects automatically.
A similar report from the NTT group reached the same conclusion, pointing out that most exploit kits in 2015 stopped using Java altogether and focused more on Flash.
Home users see more malware than business users
With companies realizing the dangers of malware and data breaches to their reputation and financial bottom line, more businesses are investing in stronger security solutions.
This is reflected in more infections on home computers than on work PCs, mainly because home machines are more likely to run without powerful antivirus solutions or a big firewall protecting them from all kinds of threats.
Malware goes international
In the past, many security vendors have seen malware target predominantly developed countries, especially the US, Australia, and the EU zone.
During 2015, Microsoft reports that the locations with the highest malware infection rates were Mongolia, Libya, the Palestinian territories, Iraq, and Pakistan. This can be explained by the presence of outdated devices in these countries, but also by the proliferation of malware that doesn't necessarily go after the infected user's bank account, and only uses his machine as part of a botnet, not caring where the machine is located.
Exploit kits enter primetime
Also during the past year, Microsoft says that 40 percent of all malicious user exploitation attempts came from exploit kits.
This has been facilitated by the rise of Malware-as-a-Service operations on the Dark Web, which has seriously reduced the technical skills needed to enter and run cyber-crime campaigns.
Flash will continue to be the most targeted technology
To nobody's surprise, Adobe Flash content was found on 90 percent of all the malicious Web pages where user exploitation was detected.
The danger surrounding Flash usage has been known for years now, and Microsoft once again highlighted "the importance of keeping Adobe Flash Player updated."
Figure: ActiveX controls detected on malicious webpages through IExtensionValidation in 2015, by control type
The rise of security flaws in non-browser and non-OS technology
During the past years, security bugs discovered in browsers, browser-related technology, and at the OS level, dominated the infosec domain.
In 2015, Microsoft says that 44.2 percent of all security flaws were found outside browsers and operating systems, in products like cloud services, IoT equipment, routers, and other network equipment.
Get ready for more trojans
Trojans are malicious programs that employ social engineering to trick users into installing them. During the past year, Microsoft saw a 57 percent rise in new trojans, a number it expects to grow this year as well.
Microsoft recommends that companies train employees to recognize the most common distribution methods used by these threats, such as phishing emails, Office macros, or fake file icons.
More complex malware
Malware creation has become a worldwide economy of its own, and malware coders are competing against each other on the global market, with specific techniques seen in each country.
Malware coders in Russia and Brazil are known to be some of the most creative, and Microsoft says that this underground economy is going to produce more dangerous and complex threats as it continues to develop.
Microsoft: Other software companies have problems too
Microsoft says that despite its reputation for shipping products with huge security flaws, the statistics no longer support this view.
The company points out that less than 10 percent of all the recent security flaws were found in its products. Microsoft says that companies should be well aware that a security incident can originate from anywhere, not just its Windows desktop, and that other vendors are just as bad, if not worse, at managing their products' security.