Windows, IE, Java are most vulnerable
Posted on 04 February 2014.
When compared with the numbers from the previous year, 2013 has seen an increase in reported security vulnerabilities and, what's more, the number of critical vulnerabilities has also risen - although it's considerably smaller than in 2009.

GFI researchers have combed through the details provided by the US National Vulnerability Database (NVD), and have discovered that in 2013, an average of 13 new vulnerabilities were reported each day, bringing the total to 4794 - 447 more that in 2013.

50 percent of the flaws were found in products of only 10 vendors out of 760:


The numbers are both a testament to the number of different offerings these big firms have and to their popularity, which naturally points to the conclusion that they are more often targeted by hackers and analysed by security researchers for security flaws.

Oracle has topped the list not only because of Java vulnerabilities, but also because of hardware flaws found in the company devices. Still, Microsoft can't sigh a sigh ot relief, as the company has had a huge rise in "high severity" vulnerabilities when compared to 2012 numbers.

Critical vulnerabilities found in its various operating systems made Microsoft occupy 8 of the first 9 spots on the list of most targeted OSes in 2013:


Finally, Microsoft's Internet Explorer, Oracle's Java and Google's Chrome have ended up occupying the first three spots (respectively) on the list of most targeted applications.

"From a security perspective, Oracle and Java had a bad year in 2013 with 193 vulnerabilities reported for Java, 102 of them critical," noted GFI's Christian Florian. "To make matters worse, an high number of the critical vulnerabilities in Java were zero-days flaws."

Another thing to take into consideration is the fact that cyber attackers have a preference for exploiting Java vulnerabilities, because the software can be found on many computers who run different operating systems.

Keeping all this in mind, the best advice you can get to keep safe is still to keep your operating system, applications, and security software up to date, and to remove software you don't use or need in order to minimise the attack surface.









Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //