Go to Insights page Insights
Go to Intelligence page Intelligence
Go to Investing page Investing
Go to Innovations page Innovations
Go to Impact page Impact
Go to Two Takes page Two Takes
Go to Two Takes page
Go to Insights page Insights
Go to Intelligence page Intelligence
Go to Investing page Investing
Go to Innovations page Innovations
Go to Impact page Impact
Two Takes View TECHi Stance

Silverlight is now more vulnerable than both Flash and Java

TECHi's Author Connor Livingston
Opposing Author Electronista Read Source Article
Last Updated
Electronista
Electronista View all Electronista Two Takes by TECHi Read the original story Published May 21, 2014
TECHi's Take
Connor Livingston
Connor Livingston
  • Words 84
  • Estimated Read 1 min

Microsoft Silverlight vulnerabilities are increasingly being exploited in drive-by download attacks to infect computers with malware, especially through malicious ads. Attackers have been adding exploits for Silverlight vulnerabilities to their exploit kits, tools that are commonly used to launch Web-based attacks, according to security researchers from Cisco Systems. “Silverlight exploits are the drive-by flavor of the month,” the Cisco security researchers said Monday in a blog post. “Since April 23rd we have observed substantial traffic being driven to Angler instances partially using Silverlight exploits.”

Electronista

Electronista

  • Words 176
  • Estimated Read 1 min
Read Article

Microsoft’s web video and interactive cross-platform content plugin Silverlight is coming under increasing volume of attacks from hackers as of late. As the public awareness of Java and Flash flaws is increasing, Cisco’s security researchers are finding an increasng number of systems affected by attacks focused on exploits of Microsoft’s Silverlight, as users aren’t aware of the increasing proliferation of malware for the platform. Cisco’s researchers say that “Silverlight exploits are also ideal because Silverlight continues to gain rich Internet application market share, perhaps surpassing Java, and Microsoft’s life cycle schedule suggests Silverlight 5 will be supported through October, 2021,” making users of the plugin numerous, and vulnerable. The analysts contine to say that the malware campaign in question “uses a Silverlight file to trigger the same CVE-2013-3896 vulnerability, but packages the exploit differently and attempts obfuscation through AES encryption.” The CVE-2013-3986 exploit was patched in January, but a large percentage of Silverlight users install the package, and never update it, with some installs being two years out of date.

Source

NOTE: TECHi Two-Takes are the stories we have chosen from the web along with a little bit of our opinion in a paragraph. Please check the original story in the Source Button below.

Balanced Perspective

TECHi weighs both sides before reaching a conclusion.

TECHi’s editorial take above outlines the reasoning that supports this position.

More Two Takes from Electronista

Chick-Fil-A may have suffered a credit/debit card breach
Chick-Fil-A may have suffered a credit/debit card breach
Connor
Connor

Chick-Fil-A has the pleasure of starting off the new year with a possible credit/debit card breach. The popular fast food…

Microsoft is expanding the Xbox One’s streaming capabilities
Microsoft is expanding the Xbox One’s streaming capabilities
Scarlett
Scarlett

Microsoft is still listening to fans when it comes to adding features to the Xbox One – a new update…

T-Mobile has made its Pay as You Go plans much more simple
T-Mobile has made its Pay as You Go plans much more simple
Rocco
Rocco

Pay-per-use cellphone plans are sometimes befuddling -- the rates can change depending on whether you're calling or texting, or how…

Kogan has launched its 4G LTE Agora smartphone
Kogan has launched its 4G LTE Agora smartphone
Chastity
Chastity

Kogan, the Australian reseller, in association with BenQ has introduced its Agora 4G smartphone in the United Kingdom. The latest…