Start the new year and we are divided between forecast for next 2016 and the numerous analyzes of the events occurred in the last 12 months. Today we will see together what are you software for which it was found the largest number of vulnerabilities in 2015, and believe me will see some good.
I imagine your smile safe while you think of Java and Flash Player, but make yourself comfortable because it is Apple’s Mac OS X software with the largest number of flaws discovered in 2015, about 384, followed by Apple’s iOS with 375 vulnerabilities. Adobe Flash Player is only in third place with 314 vulnerabilities, followed by Adobe AIR SDK, with 246 vulnerabilities and Adobe AIR itself, with 246 vulnerabilities.
The data were provided by the CVE Details, l ‘ body managing the data from the National Vulnerability Database (NVD) US. The system known as “Common Vulnerabilities and Exposures (CVE)” is used to keep track of all software vulnerabilities that are publicly declared by those who find out.
And ‘interesting to note how the situation changed compared to 2014, I myself was surprised when I have read the data. In 2014 the software with the largest number of vulnerabilities were Microsoft’s Internet Explorer, Apple Mac OS X, the Linux kernel, Google Chrome and Apple iOS. And ‘interesting to note the progress made in improving safety for both products Chrome and IE.
One look at the list of the top 50 software shows that the various versions of Windows have been analyzed separately, in many cases the same flaws have been counted more than once because they are present in the different versions of the same operating system Microsoft. This method of calculation in my judgment is questionable so it is necessary to carefully evaluate the data aggregation proposed. The figure is even more misleading if we think that, instead, for Mac OS X, Android and iOS have not been entered for the various versions of the leaks.
Finally, let’s take a look at the companies to understand which of them has collected the largest number of vulnerabilities in the past year: for Microsoft vulnerabilities have been reported in 1561, 1,504 to 1,147 for Adobe and Apple.
Please note, the data refer only to the vulnerabilities of which was given public notice but it must consider the fact that a number of security holes are not reported for various reasons. Another factor to consider is that these data are not tied to the number of cyber attacks that have exploited vulnerabilities, or even Apple’s Mac OS X has been the software with the largest number of flaws discovered in 2015, was probably not the most attacked during the year.
Until next time!
Pierluigi Paganini’s Chief Information Security Officer at bit4id, a leading provider of solutions for ‘ Identity Management based on PKI. He also holds the role of chief editor for the magazine US Cyber Defense Magazine and boasts an experience of over twenty years in the field of cyber security.
The passion for writing and the strong belief that safety is a matter that knowledge on cyber security should be shared prompted him to found the blog
Security Affairs, recently awarded the title of “Top Resource for US National Security.”
And ‘member of the working groups of the portal “The Hacker News “and the ‘ICTTF International Cyber Threat Task Force, is also the author of numerous articles published in leading test regarding safety which Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and many other publications.
> And ‘member of the Threat Landscape Stakeholder Group Agency ENISA (European Union Agency for Network and Information Security).
has published two books, “The Deep Dark Web” and “Digital Virtual Currency and Bitcoin” respectively on the issues inherent Deep Web and the systems of virtual currency.
‘); });
No comments:
Post a Comment