Windows 7 and XP vulnerabilites rose in 2013
Secunia analyzed reported vulnerabilites in the top 50 most-used software products
IDG News Service - The number of vulnerabilities found in Microsoft's Windows 7 and XP operating systems doubled last year over 2012, with the highest number of flaws reported in Windows 8, according to new research from Secunia.
The Denmark-based security company said 102 vulnerabilities were found in Windows 7 in 2013 and 99 in XP, up from 50 and 49 vulnerabilities respectively in 2012.
Windows 8 had the most vulnerabilities, at 156, but Secunia said that was due to the integration of Adobe System's Flash Player into the Internet Explorer browser, which accounted for 55 of those problems.
Secunia released the data in its annual report on software vulnerabilities, which looks at the 50 most commonly used programs and operating systems.
Microsoft took the first three spots in the list with its XML Core Services, followed by Windows Media Player and Internet Explorer. Adobe came in fifth place with its Flash Player and seventh place with Reader. Oracle occupied the number ten spot with its Java platform.
Eighty-six percent of the vulnerabilities found in the top 50 software products had a patch available on the day the vulnerability was disclosed, Secunia said. Administrators typically want to patch quickly to thwart attacks.
The report noted that the gap in time between when a flaw is identified and when a patch is ready continues to improve, showing that "researchers are continuing to coordinate their vulnerability reports with vendors and vulnerability programs, resulting in immediate availability of patches for the majority of cases."
Third party programs, which are made by a variety of vendors, contained about 76 percent of the vulnerabilities in the top 50 programs in 2013. That's down from 86 percent in 2012, but "highlights the difficulties faced by end users and administrators in keeping their systems secure," according to the report.
"Each vendor has its own security update mechanisms and varying degrees of focus on security," Secunia said. "This represents a(major challenge to the users of personal computers and administrators of IT infrastructures, because not all vendors offer automated update services and push security updates to their users."
Secunia found only 10 zero-day vulnerabilities, which are those actively being exploited that don't have a patch, in its top 50 portfolio.
Send news tips and comments to firstname.lastname@example.org. Follow me on Twitter: @jeremy_kirk
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The Threat Landscape Hardly a day goes by without the discovery of a new cyberthreat somewhere in the world! But how do you keep up with...
- Security for Virtualization In the rush to implement virtualization, security has become second. So while the business benefits are clear, the risks are less well documented...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Malware and Vulnerabilities White Papers | Webcasts