Oracle Java ‘most vulnerable software’

If you're looking to set up dedicated servers or a Cloud VPS to be used as the base of your data center, you need to be thinking carefully about the software solutions you add to it in order to make your life as easy as possible. For many enterprises, one of the most commonly-used solutions is Oracle's Java platform, which can be used to create powerful applications for business computing and web servers. However, it seems the popularity of this is being increasingly recognised by criminals.

Most frequently exploited by cybercriminals

This is because research conducted by Kaspersky as part of its 2012 Security Bulletin has revealed Java has become the most frequently exploited software by cybercriminals in the past 12 months. This has seen it overtake the previous most vulnerable software, Adobe Reader, which slipped back to second.

In 2011, Adobe Reader was responsible for 35% of all exploit-related incidents, while for Java the figure was 25% and Microsoft Windows 11%. But in 2012, Java jumped to 50%, with Adobe Reader falling to 28%.

Used by criminals

What this might mean for you is that you could be leaving your business open to malware, as exploiting known vulnerabilities in software is one of the most common ways to access networks and place malicious programs on a network. Kaspersky explained: "Cybercriminals exploit applications or software that has unpatched security vulnerabilities, which exist because either the individual or business have failed to patch their vulnerable applications with the latest security updates from vendors."

Therefore, if you're using software such as Java, it's vital to ensure you always have the lastest version and update it with new patches as soon as they become available. If you don't do this, you're leaving yourself open to problems that could have a potentially disastrous impact on your business' network.

Now obviously this isn't the only thing you need to be taking care of to make sure your operations are safe. For example, it was recently observed by CIO.com that taking steps to keep websites free from vulnerabilities is hugely important to small firms, as they have limited resources available to them and might be especially targeted by criminals because of this.