Linked by David Adams on Wed 18th May 2011 02:53 UTC, submitted by HAL2001
Privacy, Security, Encryption Microsoft published volume 10 of the its Security Intelligence Report which provides perspectives on software vulnerabilities, software vulnerability exploits, malicious and potentially unwanted software, and security breaches in both Microsoft and third party software. Microsoft found out that vulnerabilities in applications versus operating systems or web browsers continued to account for a large majority of all vulnerabilities in 2010, although the total number of application vulnerabilities declined 22.2 percent from 2009. The exploitation of Java vulnerabilities sharply increased in the second quarter of 2010 and surpassed every other exploitation category that the MMPC tracks, including generic HTML/scripting exploits, operating system exploits, and document exploits.
Order by: Score:
?
by windowshasyou on Wed 18th May 2011 02:57 UTC
windowshasyou
Member since:
2011-05-14

This is the one case where I think that Microsoft knows what its talking about. After all, who better to lecture people on security breachs than a company that is known for ignoring security?

Edited 2011-05-18 02:58 UTC

Reply Score: 0

RE: ?
by benali72 on Wed 18th May 2011 16:05 UTC in reply to "?"
benali72 Member since:
2008-05-03

More than a competence issue, I would wonder if MS is shading results to fit their own purposes. They have a vested interest in saying the problems lie with other company's apps, rather than Windows, IE, or their own infrastructural software.

Reply Score: 0

Comment by sagum
by sagum on Wed 18th May 2011 05:00 UTC
sagum
Member since:
2006-01-23

"The exploitation of Java vulnerabilities sharply increased in the second quarter of 2010"

- Minecraft.

Reply Score: 2

RE: Comment by sagum
by fran on Wed 18th May 2011 14:06 UTC in reply to "Comment by sagum"
fran Member since:
2010-08-06

One of Java's security strong points is that it runs on the JVM (Java virtual machine). It is designed and suppose to be one of the safest programming platforms.

Where lies the problem
1. Third party program vulnerabilities(Java programmers)
2. Java itself
3. Consumer not updating Java.

Reply Score: 2

RE[2]: Comment by sagum
by WorknMan on Wed 18th May 2011 15:13 UTC in reply to "RE: Comment by sagum"
WorknMan Member since:
2005-11-13

I don't run Java myself, and this is just one of the reasons why. Flash is sort of a 'necessary evil', since a lot of the web uses it. Fortunately, Java is not, at least for me. I don't run any apps that use it.

Reply Score: 2

RE[2]: Comment by sagum
by Alfman on Wed 18th May 2011 19:22 UTC in reply to "RE: Comment by sagum"
Alfman Member since:
2011-01-28

fran,

"One of Java's security strong points is that it runs on the JVM (Java virtual machine). It is designed and suppose to be one of the safest programming platforms.

Where lies the problem
1. Third party program vulnerabilities(Java programmers)
2. Java itself
3. Consumer not updating Java."


I'd like to know too. If it hadn't been killed by microsoft, java would be the ideal platform for running highly interactive/intensive apps inside (or outside) the browser on demand.

Of course, supporting such powerful apps in the browser destroys the business case for mobile walled gardens.

Java was a wonderfully innovative platform; maybe in a world not dominated by overreaching control freaks, it would have flourished.

Anyways, the report would be informative if it wasn't so annoyingly vague.

Reply Score: 1