In 2012, we saw how Java, which is installed on hundreds of millions of devices, was repeatedly compromised and used actively to infect millions of users. In second place is Adobe, which, given the popularity of its applications (Acrobat Reader, Flash, etc.) and its multiple security flaws, is one of the favourite tools for massively infecting users as well as for targeted attacks.
Although we may think that home users are exposed to the highest risk, remember that updating applications, which is essential for protection against such attacks, is a complex process, particularly in companies in which updating all computers must be co-ordinated. At the same time, it is essential to ensure that all the applications used in a company work correctly. This makes the update processes slow, which opens a window that is exploited to steal information in general and launch targeted attacks in search of confidential data.
Other areas expected to feature significantly in 2013 in terms of security issues are: