Windows 7 and XP vulnerabilites rose in 2013
Secunia analyzed reported vulnerabilites in the top 50 most-used software products
IDG News Service - The number of vulnerabilities found in Microsoft's Windows 7 and XP operating systems doubled last year over 2012, with the highest number of flaws reported in Windows 8, according to new research from Secunia.
The Denmark-based security company said 102 vulnerabilities were found in Windows 7 in 2013 and 99 in XP, up from 50 and 49 vulnerabilities respectively in 2012.
Windows 8 had the most vulnerabilities, at 156, but Secunia said that was due to the integration of Adobe System's Flash Player into the Internet Explorer browser, which accounted for 55 of those problems.
Secunia released the data in its annual report on software vulnerabilities, which looks at the 50 most commonly used programs and operating systems.
Microsoft took the first three spots in the list with its XML Core Services, followed by Windows Media Player and Internet Explorer. Adobe came in fifth place with its Flash Player and seventh place with Reader. Oracle occupied the number ten spot with its Java platform.
Eighty-six percent of the vulnerabilities found in the top 50 software products had a patch available on the day the vulnerability was disclosed, Secunia said. Administrators typically want to patch quickly to thwart attacks.
The report noted that the gap in time between when a flaw is identified and when a patch is ready continues to improve, showing that "researchers are continuing to coordinate their vulnerability reports with vendors and vulnerability programs, resulting in immediate availability of patches for the majority of cases."
Third party programs, which are made by a variety of vendors, contained about 76 percent of the vulnerabilities in the top 50 programs in 2013. That's down from 86 percent in 2012, but "highlights the difficulties faced by end users and administrators in keeping their systems secure," according to the report.
"Each vendor has its own security update mechanisms and varying degrees of focus on security," Secunia said. "This represents a(major challenge to the users of personal computers and administrators of IT infrastructures, because not all vendors offer automated update services and push security updates to their users."
Secunia found only 10 zero-day vulnerabilities, which are those actively being exploited that don't have a patch, in its top 50 portfolio.
Send news tips and comments to firstname.lastname@example.org. Follow me on Twitter: @jeremy_kirk
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Why You Need a Next-Generation Firewall This white paper explores the reasons for implementing next-generation (NG) firewalls and lays out a path to success for overburdened IT organizations.
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users? All Malware and Vulnerabilities White Papers | Webcasts