Windows, IE, Java are most vulnerable
Posted on 04 February 2014.
When compared with the numbers from the previous year, 2013 has seen an increase in reported security vulnerabilities and, what's more, the number of critical vulnerabilities has also risen - although it's considerably smaller than in 2009.

GFI researchers have combed through the details provided by the US National Vulnerability Database (NVD), and have discovered that in 2013, an average of 13 new vulnerabilities were reported each day, bringing the total to 4794 - 447 more that in 2013.

50 percent of the flaws were found in products of only 10 vendors out of 760:


The numbers are both a testament to the number of different offerings these big firms have and to their popularity, which naturally points to the conclusion that they are more often targeted by hackers and analysed by security researchers for security flaws.

Oracle has topped the list not only because of Java vulnerabilities, but also because of hardware flaws found in the company devices. Still, Microsoft can't sigh a sigh ot relief, as the company has had a huge rise in "high severity" vulnerabilities when compared to 2012 numbers.

Critical vulnerabilities found in its various operating systems made Microsoft occupy 8 of the first 9 spots on the list of most targeted OSes in 2013:


Finally, Microsoft's Internet Explorer, Oracle's Java and Google's Chrome have ended up occupying the first three spots (respectively) on the list of most targeted applications.

"From a security perspective, Oracle and Java had a bad year in 2013 with 193 vulnerabilities reported for Java, 102 of them critical," noted GFI's Christian Florian. "To make matters worse, an high number of the critical vulnerabilities in Java were zero-days flaws."

Another thing to take into consideration is the fact that cyber attackers have a preference for exploiting Java vulnerabilities, because the software can be found on many computers who run different operating systems.

Keeping all this in mind, the best advice you can get to keep safe is still to keep your operating system, applications, and security software up to date, and to remove software you don't use or need in order to minimise the attack surface.









Spotlight

New Zeus variant targets users of 150 banks

Posted on 19 December 2014.  |  A new variant of the infamous Zeus banking and information-stealing Trojan has been created to target the users of over 150 different banks and 20 payment systems in 15 countries, including the UK, the US, Russia, Spain and Japan.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Mon, Dec 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //