The Windows exploit landscape in 2014
Over the years we've grown used to Windows being the target of viruses, hacks and other forms of attack. Although other systems like Android are now coming under attack too it’s still Windows that gets the most attention.
Researchers from security company ESET have released a report showing the major trends in Windows exploits over the past year.
Among the findings are that Windows saw twice as many vulnerabilities in 2014 as in the previous year. Internet Explorer was the most attacked Windows component, and many users are still running potentially unsafe versions of the OS like XP.
Drive by downloads are the main means of exploiting vulnerabilities and delivering malicious code and ESET predicts that this is likely to continue to be the case in 2015. Other Microsoft products can be targeted too and researchers uncovered a number of cases where vulnerabilities in MS Office have been used to deliver a malicious payload.
Microsoft hasn’t been idle in protecting it's newer systems, however. The latest version of its Enhanced Migration Experience Toolkit (EMET) introduced some new security features. These features are ASR (Attack Surface Reduction) and EAF+ (Export Address Table Filtering Plus). ASR is similar to IE’s option to block outdated Active-X controls but can cover a wider range of exploits and protect the address spaces of Word, Excel and Powerpoint.
EAF+ improves on the existing EAF system and can work independently of the older option. It blocks attempts to access addresses exported from various system modules. In addition to blocking access to the Export Address Table from unknown code, it also blocks attempts by code from legitimate libraries that could be used by attackers for scanning the EAT.
These technologies make it harder for attackers to succeed in remote code execution exploits for newer versions of Windows. Older versions such as XP, however, don’t contain this anti-exploit technology leaving them more vulnerable.
You can access the full report in PDF format with details of the most common exploits on the ESET website.
Image Credit: Sergey Nivens/Shutterstock