Software Vulnerabilities Grow in 2015

Tuesday, March 22, 2016 @ 04:03 PM gHale


Last year alone, Secunia researchers found 16,081 vulnerabilities in 2,484 software applications from 263 different vendors.

That discovery is a two percent increase over the year before and, and a 39 percent hike from 2010.

RELATED STORIES
Attacks on Rise, Incident Response Tougher
Attacking an ICS from ‘Inside Out’
ICS-CERT BlackEnergy Report
Breach at IN Utility

What Secunia’s staff discovered was during the past year most of the detected bugs were less critical (45.6 percent), while moderately critical bugs accounted for 25.5 percent, highly critical bugs 13.3 percent, and only 0.5 percent of detected bugs were extremely critical.

In a world where remote connectivity is growing, the same it true with attackers as 57 percent of these bugs could end up exploited from a remote network, 35 percent from the local network while only 8 percent required the attacker to launch their exploits from the victim’s computer.

Researchers found most vulnerabilities in Google Chrome (516), followed by Adobe Flash (457), Adobe Air (306), Mozilla Firefox (254), Microsoft Internet Explorer (197), Microsoft Windows 7 (144), Adobe Reader (133), Apple iTunes (130), Oracle Java JRE (81), and Microsoft Excel (52).

As for Zero Day vulnerabilities, Secunia found 23, 3 more than in 2014.

Secunia discovered 1,114 vulnerabilities in the five most popular browsers in 2015. With most of today’s technology revolving around the Internet, browser bugs are becoming as dangerous as OS-level issues.

Secunia also noticed a good thing about browser vulnerabilities. Browser vendors are among the quickest to issue patches when a security flaw becomes apparent.

Secunia found it takes browser vendors less than 30 days to come up with a patch from the moment of a vulnerability detection to when an update is available for download.

Click here to register for the full report.