Internet Explorer, Microsoft’s ubiquitous web browser that remains one of the most used internet browsing applications worldwide, has topped a list of the most frequently targeted Windows components. Prepared by ESET, a global pioneer in proactive protection for more than two decades, the report titled ‘Windows exploitation in 2014’ also found that usage of Windows XP, the popular Operating System (OS) that is no longer supported by Microsoft, remains high and users of this OS are at greater risk due to the lack of Microsoft’s latest anti-exploit security features.
Compared to the results from last year, the number of exploit attacks on Microsoft components grew in 2014. ”This year was especially hard on users of the Internet Explorer browser, as Microsoft addressed twice as many vulnerabilities as in 2013,“ explains Mohamed Djenane, Security Specialist, ESET Middle East. “Microsoft was highly active and quick to address a large number of these vulnerability in the same year itself, thus reducing the risk for users.”
The most notorious example of an Internet Explorer vulnerability being exploited in the wild was the Unicorn bug. This vulnerability could be used by an attacker to run arbitrary code on a remote machine while bypassing the Enhanced Protected Mode (EPM) sandbox in Internet Explorer 11 as well as Microsoft’s free anti-exploitation tool, the Enhanced Mitigation Experience Toolkit (EMET). In the report, ESET researchers also offer their findings on the BlackEnergy trojan, which exploits a bug in Microsoft PowerPoint.
The report offers information about not just the main types of vulnerabilities present in Microsoft Windows over the past year, but also highlights the mitigation techniques that Microsoft introduced with the latest versions of its operating system. “Unfortunately, many users still use Windows XP without any anti-exploit security features, and these users are therefore constantly exposing themselves to significant risk of being infected,” Mohamed Djenane adds.
Djanane believes there is good news in store for loyalists of Microsoft’s internet browsing applications. “The software giant is set to release a new web browser code named Spartan with Windows 10. It will act as a total replacement of Internet Explorer and we expect it to have the most advanced technology available among web browsers,” he said.
In November 2014 ESET Smart Security 8 scored 100% in a study by AV-Test that focused on self-defense. In its test, AV-Test examined the use of open-access protection mechanisms – ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention) – within the source code of IT security vendors. Both mechanisms help to reduce the risk of an existing vulnerability actually becoming exploitable.