Security: Recent exploits hint at a shift in focus?
Seems to me that the Malware community behaves like electricity - it will follow the path of least resistance.
With the huge drive around securing Windows and Internet Explorer delivering results, are virus writers simply going for lower hanging fruit? Applications were traditionally not as tempting a target as an operating system for several reasons, ubiquity and access to the system being the two main ones that I can see.
As we reduce the attack surface of software like Windows, SQL and Exchange we may be forcing the hand of the dark side of the force to find opportunity elsewhere.
With recent attacks focusing on members of the Office family (e.g. Excel) has the malware community shifted their focus higher up the software stack? Can we expect many more data-document delivered payloads?
Time will tell...
