According to Cisco, the number of Web-based attacks targeting Java vulnerabilities has increased throughout the past quarter, while the rate of PDF exploits has decresed.In its Global Threat Report for the third quarter of 2010 [pdf], the company reveals that, on average, enterprises encountered 133 Web malware attacks per month, with August being the busiest one.
Of those, 65 percent did not involve exploits or were blocked before the exploit code executed.
As far as the rest go, the most commonly targeted vulnerabilities were located in Java, Adobe Reader and Flash Player.
Java exploits were the most prominent ones. They started by representing 5% of all Web malware attacks in July and ended by accounting for 7% in September.
This conclusion is in line with reports from other vendors, who named Java as the most targeted application in drive-by download attacks.
Microsoft also reported an unprecedented rise in exploitation attempts against Java vulnerabilities during the third quarter, claiming that their number peaked at well over 6 million.
The really bad news is that, according to data collected from actively used exploit toolkits, these Java attacks have a high success rate.
Meanwhile, the rate of PDF-based exploits that target vulnerabilities in Adobe Reader and Acrobat, has decreased from 3% in July to 1% in September.
This doesn't mean, however, that PDF attacks have a lower risk. While most Java exploits target old vulnerabilities, actively exploited Adobe Reader zero-day flaws have become a common occurrence.
Hopefully, the release and subsequent adoption of the upcoming Adobe Reader X, which features a sandbox enabled by default, will drive cybercriminals further away from the platform.
On average Adobe Flash Player exploits were encountered in 0.4% drive-by download attacks during the quarter. Fortunately, browsers like Chrome or Firefox and an improved update mechanism, have helped users keep their Flash Player installations up to date.