Vulnerabilities: are things getting better?
by Stephen Withers   
Monday, 18 February 2008
The number of security vulnerabilities disclosed during 2007 dropped by over 5 percent from the previous year.

According to IBM X-Force's annual trend report [PDF], there was a 5.4 percent reduction in new vulnerability disclosures during 2007 compared with 2006. 6437 vulnerabilities were reported during 2007.

Researchers are uncertain whether this is a statistical correction (both 2005 and 2006 saw growth well in excess of the trend), a chance event, or the beginning of a new trend. Whatever the reason, this is the first reduction since X-Force began collecting the data in 2000.

But apart from that headline figure, there's not much good news to be found in the report.

High impact vulnerabilities were up 28 percent compared with 2006. A high impact vulnerability is one that allows "immediate remote or local access or immediate execution of code or commands with unauthorised privileges."

When you look at the absolute number of high impact vulnerabilities, the overall trend seems to be upward apart from modest reductions in 2003 and 2006.

Another worry is that the proportion of vulnerabilities that can be remotely exploited has grown every year since 2000, with the sole exception of 2004. So not only are there more vulnerabilities, more of them have a high impact, and more of them can be exploited by people who don't have physical access to your systems. On top of that, almost all web-based exploits now use obfuscation or encryption to make it harder for intrusion detection and prevention systems to spot them.
