How do exploit kits typically operate?

Exploit kits typically operate by exploiting vulnerabilities within browsers. These kits are designed to identify weaknesses in a user's browser or associated plugins, such as Adobe Flash or Java, to deliver malware. Once a user visits a compromised website or an infected advertisement, the exploit kit activates and scans for specific vulnerabilities in the user's system. When a weakness is found, the kit can execute malicious code to install malware without the user's knowledge or consent.

This method makes use of existing vulnerabilities, highlighting the importance of maintaining updated software and applying security patches promptly. The other options, such as distributing legitimate software or creating new vulnerabilities, do not accurately reflect the primary function of exploit kits. Relying on user consent is also incorrect, as exploit kits typically act without requiring any explicit permission from the user, taking advantage of security flaws.