Web browser attacks have unseated computer worms as the greatest threat to corporate networks, according to a report released by Microsoft Corp.
The report based its findings on data collected in the later part of 2012 from billions of Windows computers in over 100 countries. The information was collected through Microsoft’s Malicious Software Removal Tool, Microsoft’s real-time endpoint protection products, Hotmail accounts and Bing.
The report said the second most popular exploit was PDF and Word documents, followed by attacks on Java and then Windows operating system.
The report said attackers now typically use malicious JavaScript code and HTML inline frames (iFrames). Hackers embed iFrame in Web pages and use them to link to pages that host malware.
Seven in 10 threats affecting companies were delivered through malicious web sites, the report said.
RELATED CONTENT
Networks face ‘crisis of trust’: Websense
New browser malware found
Microsoft remains committed to Internet Explorer but it is also experimenting with client-side architecture to replace the browser. Microsoft calls the technology Embassies.
This approach aims to provide a secure virtualized environment that would isolate web applications. Applications would run in low-level, native code containers that use Internet addresses for external communications with other applications.
The idea is to reduce the power and access if the browser to the OS in order to minimize the risk of possible attacks.