Open in app

Sign in

Write

Sign in

8 Vulnerable Software Apps Exposing Your Computer to Cyber Attacks [Infographic]

Heimdal Security
Healthy paranoia
Published in
7 min readSep 10, 2015

--

I have a theory about why people don’t care about their data’s security as much as they should.

From my experience, I’ve noticed that people have a difficult time relating to cyber security threats.

You may find yourself thinking: “What does all this techie stuff have to do with me?

Investing in cyber security might seem unnecessary, because you can’t really see it working for you, unless an attack strikes, but so is car insurance, and you definitely need that!

But let’s leave the cyber attack scenario aside for a second to focus on the (billion) other threats that aim to steal, destroy or hold your data captive.

And maybe you didn’t know this, but cyber criminals could also use your devices to expand their infrastructure and launch attacks on other targets.

So don’t think for a second that cyber attacks or cyber threats are only about technology!

In fact, cyber criminals’ methods have 3 main traits:

  • they’re advanced
  • they’re persistent
  • they’re always transforming.

Cyber criminals might be after your money, your resources, your personal information, you devices or even your access to third parties, such as the company you work for.

Whatever the objective is, they really do have tools and resources to launch powerful attacks on anyone, anywhere, anytime.

And it all starts with the software you use every single day.

What about my software?

Software is imperfect, just like the people who make it.

No matter how much work goes into a new version of software, it will still be fallible.

Cyber criminals are after those exact glitches, the little security holes in the vulnerable software you use that can be exploited for malicious purposes.

For example, you’re probably using add-ons in your browser and think they’re harmless. Except they can be a way for cyber criminals to distribute malware and unwanted applications, or at least monitoring your browsing data. Suffice to say that malware creators are having a field day with this sort of attack pattern!

But how can cyber attacks target so many people?

The answer is simple: Cyber criminals are automation experts!

They create advanced forms of malware and computer viruses that can replicate themselves automatically and infect millions of computers around the world. The more sophisticated the threat, the harder it will be to detect and block.

Why YOUR software is a valuable target:

Five reasons:

  • Because it’s flawed.
  • Because software vendors can hardly keep up with the way cyber criminals exploit vulnerabilities in their products.
  • Because it’s used by millions.
  • Because it gives them access to your computer in minutes.
  • Because you’re sometimes careless when using the Internet. (We’ve all been there, trust me.)

And the list could go on. But you get the picture, right?

Remember this: OUTDATED SOFTWARE is the root of evil. Not all software evil, but it is a HUGE part of cyber threats.

Did you know that 8 software apps make 99% of computers around the world vulnerable to cyber attacks?

I’m going to tell you all about, but first let me answer this question:

How are web attacks delivered?

90% of web attacks are delivered through advertising networks!

Click an infected banner on a legitimate website and you’ll end up with data-stealing malware or ransomware on your system!

Each time you ignore an update prompt from software you use, you’re exposing yourself to cyber threats and attacks.

So what types of applications can have security holes?

  • Browsers you use daily
  • Browser add-ons
  • Browser plugins
  • Desktop applications (and more).

You probably have at least 3 applications installed that make your computer vulnerable to cyber attacks!

TOP VULNERABLE APPLICATIONS IN 2014

1. Google Chrome

Used by almost 64% of computers around the world, Chrome had 124 vulnerabilities in 2014. That’s 124 opportunities for cyber criminals to infect users, steal their data and do pretty much what they want.

Since the beginning of 2015, Chrome has had 15 vulnerabilities (CVE details), and the number will likely increase over the coming months.

2. Mozilla Firefox

The second most used browser in the world — with a market share of over 20% — had 117 vulnerabilities last year. And Firefox users don’t seem to be aware of the dangers associated with outdated software.

3. Adobe Flash Player / Plugin

Adobe’s products are infamous for their vulnerabilities. Cyber criminals target them constantly! This year alone Flash Player has had 17 vulnerabilities and we’re not even halfway through 2015.

Adobe Flash Player has stolen the first place on cyber criminals’ to-exploit list, because it is now integrated in various products (such as Google Chrome), which makes it more difficult to patch.

Longer times between updates give cyber criminals time to wreak havoc!

4. Oracle Java Runtime environment

Java was once at the top of the hitlist for cyber criminals everywhere. And it still is, despite exploits in this software having dropped by 34%.

Flash also interacts with Java, making such exploits much more difficult to identify and block! In turn, cyber criminals get to be more elusive, but also more effective.

5. Adobe Air

This particular product from Adobe is a cross-platform system used for building desktop and mobile apps. In 2015 no less than 17 vulnerabilities have been identified in this piece of software. And it’s not the only one on your computer!

6. Apple TV

“Told ya using Apple products is safer!”

Actually… No. If you’re reading this on an Apple product, you’re no safer from cyber threats than Windows users are. Or even Linux users, for that matter.

Apple TV made to the top 8 most exploited software in 2014. And it’s not doing great this year either: 23 vulnerabilities have been spotted so far!

7. Adobe Reader

Highly sophisticated exploits target Adobe Reader all the time! And not only that, but in 2013 they also had a massive data breach, exposing 2.9 million customers and their data to other cyber threats.

You might as well switch to a different software for reading PDFs, but the top 5 most used products are also targeted by cyber criminal attacks.

8. Adobe Acrobat

Yes, this is the 3rd Adobe product on the list and it’s also problematic. In 2015 alone, 32 vulnerabilities have been observed and patched.

Cisco Annual Security Report 2015:

Exploits in outdated software will continue to be A TOP SECURITY ISSUE OF GREAT MAGNITUDE!

So this entire article may be left you wondering:

Should I stop using these applications to be safe?

Nope.

That’s not really an option. These types of software are necessary, which is why they’re present on 99% of computers.

That makes 99% of computers vulnerable!

What should I do to be safe?

1. Use an automated patching tool to keep your software updated. 2. Use a tool traffic scanning tool to keep you from accessing infected web locations. 3. Use an application that can block advanced forms of malware, which antivirus can’t detect or block. 4. Use an antivirus in case you get infected. 5. Don’t click strange links, open suspicious emails or IMs and keep away from dangerous web locations (such as torrent websites).

Remember: There is no way to ensure 100% cyber security for your data!

But that doesn’t mean you shouldn’t try!

See the full infographic below:

Originally published at heimdalsecurity.com on May 21, 2015.

Cybersecurity
Security
Information Security

--

--

Heimdal Security
Healthy paranoia

Written by Heimdal Security

331 Followers

Online criminals hate us. We protect you from attacks that antivirus can’t block.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams