Vulnerabilities: are things getting better?
by Stephen Withers   
Monday, 18 February 2008
So who is making the design and coding errors that allow these exploits? The top five vendors are (in descending order) Microsoft, Apple, Oracle, IBM and Cisco. Together they account for 13.6 percent of vulnerabilities. The more software you produce, the more chance you have of making a mistake (all other things being equal). And the more software you sell, the more people are likely to examine it for flaws.

Furthermore, 20 percent of those vendors' disclosed vulnerabilities remained unpatched by the end of the year. That statistic sounds pretty damning to me, but the X-Force report notes that it's a lot better than the rest of the industry, which had only managed to fix half of the known vulnerabilities.

Given the widespread use of the web, the number of attacks and the difficulty of detecting them before they reach the computer, how are the popular browsers doing in terms of critical vulnerabilities?

The score, according to X-Force, is Internet Explorer 28, Firefox (for Windows) 36. Significantly, all critical vulnerabilities disclosed during 2007 have been patched.

And as for malware, that's still a growth industry. X-Force analysed nearly 410,000 new malware samples during 2007, up 30 percent on the previous year.

I don't think there's a lot of point discussing malware categorisation, as most users don't care whether a particular nasty is a virus or a worm; they just don't want it on their computers. And as the X-Force report notes, "the classic categories of virus, worm, spyware, backdoor, etc. are becoming largely irrelevant. Modern malware is now the digital equivalent of the Swiss Army knife".

That said, one statistic from the analysis does deserve comment. The biggest category of malware was Trojans. Succumbing to a Trojan is arguably the most self-inflicted way of subverting a system. If you fall victim to a drive-by download from a subverted web site, or if you receive an infected file as an email attachment from a trusted party, it's hard to argue that you weren't behaving reasonably. It's unrealistic to tell people they shouldn't use the web or exchange files with friends, colleagues or business partners.
