Oracle's Java platform is the most popular attack target online, accounting for more than half of all malware exploit attempts, according to Kaspersky Lab.
The security firm said that in the last quarter, 56 per cent of all attacks on systems in its security network sought to exploit unpatched Java flaws as an entry point for malware attacks.
Researchers believe that the popularity of Java, combined with the lack of a set update schedule or automatic installation mechanism, helped to make Java a popular target for malware writers and automatic exploit kits.
"According to Oracle, different versions of this virtual machine are installed on more than 1.1 billion computers. Importantly, updates for this software are installed on demand rather than automatically, increasing the lifetime of vulnerabilities," wrote Kaspersky researcher Yury Namestnikov.
"In addition, Java exploits are sufficiently easy to use under any Windows version and, with some additional work by cybercriminals, as in the case of Flashfake, cross-platform exploits can be created."
The second most popular target amongst malware writers was Adobe Acrobat Reader, which was targeted in 25 per cent of reported attacks. Microsoft Windows was a distant third in the rankings with four per cent of attacks, followed by Adobe Flash with three per cent and Android root exploits, which accounted for two per cent.
The company noted that attacks on Android devices continue to be on the rise. In the quarter researchers logged some 9130 new variants of Android malware over the quarter, up from just 5441 at the beginning of the year.
Researchers believe that the meteoric growth is likely to continue as users become more accustomed to browsing the web on their handsets.
"It is obvious that the devices with the later versions of operating systems installed on them are better suited to actively working online," wrote Namestnikov.
"Unfortunately, more active web surfing often leads users to sites hosting malicious content."