McAfee predicts that hack attacks against Adobe software (Flash and PDF Reader) will surpass Microsoft this year.
The Register (UK) writes, Attacks targeting vulnerabilities in Acrobat Reader and Flash are already commonplace, driven in part by that software’s widespread use. The often-tricky update process and lack of user awareness that apps as well as browsers and Windows need updating further compounds the problem of PDF-based malware – which McAfee reckons will only increase next year.
CMIT Solutions (technology consultants) Evan Stein (who clued me into the article) writes that the best way to protect yourself from security threats is to keep your software updated. Most software provides automatic updates so the process is not too hard, but you have to remember to allow the software to update.
He writes, The problem is compounded by people’s tendency to ignore or forget the need to update the many different types of software they have installed on their machines. This may be due in part to the mistaken belief that as long as they have their antivirus definitions up to date, they’re protected from intrusion. Add to this the fact that, historically, some hastily issued security patches from makers like Microsoft have caused as many problems as they were supposed to fix. Finish it off with a healthy dose of end-user skepticism about the legitimacy of spontaneous prompts to update your software, and you can see why many people still run outdated — and vulnerable — versions of common programs. To this point, Microsoft is releasing a record number of patches on February 9th, tying October 2009 for the most security bulletins released in a single month.