The number of attacks exploiting Java vulnerabilities has severely decreased recent years but continues to be a threat, Microsoft warns. Java was previously the favorite target of cybercriminals but Adobe Flash Player now has that dubious honor.
Java’s decreasing popularity for attacks by cybercriminals is caused by the fact that most browser changed the way they execute Java, or don’t support Java at all anymore. Any existing attacks of Java mostly target vulnerabilities that have been patched years ago.
“Despite the positive trend, it doesn’t mean organizations can ignore the threat of Java exploits entirely”, Microsoft writes in a blog
Numbers from the software giant show that Java is still attacked, mainly by exploits that abuse vulnerabilities from 2010, 2012 and 2013. According to Microsoft that means users still have to be careful with Java, especially when using outdated Java installations.