Monday, 23 February 2015

Shellshock and Heartbleed helped fuel rise in security vulnerabilities in 2014

Shellshock and Heartbleed helped fuel rise in security vulnerabilities in 2014

Operating systems and applications saw an overall rise in the average number of vulnerabilities spotted during 2014 with Microsoft Windows continuing to lead the way in terms of the overall number of potential problems.


Data from the National Vulnerability Database (NVD) found 7,038 new security vulnerabilities in 2014, which worked out at an average of 19 per day, dwarfing 2013 and continuing an upward trend that has been building in recent years.


Of the new vulnerabilities, 24 per cent are rated as "high severity", a number lower than 2013; however, the actual number of higher severity vulnerabilities in fact increased when compared to the previous period.


Third-party apps are the most prolific source of vulnerabilities tallying over 80 per cent, operating systems only contributing 13 per cent and hardware devices four per cent.


Microsoft get dubious top honours


Microsoft Windows vulnerabilities were split across seven different versions (Server 2008 and 2012, 7, 8, 8.1, Vista and RT) and totalled 248 with Apple OS X coming out in second with 147, iOS third on 127 and Linux Kernel bringing up the rear on 119.


Microsoft again led the way in the application category with Internet Explorer top of the list with 242 vulnerabilities, dwarfing almost every other application and almost double second placed Google Chrome (124 vulnerabilities).


The year was a particularly busy one for vulnerabilities with Heartbleed, Shellshock and a range of other zero day attacks that wreaked havoc on PCs and Macs alike and as such the rise isn't particularly surprising.


Via: GFI

















http://ift.tt/1w3nphI

No comments:

Post a Comment