Apple Tops IBM’s List of Vendors with Most Vulnerabilities
IBM has released its August X-Force report informing that the number of disclosed vulnerabilities during the first half of 2010 increased by a substantial 36%, compared to the previous year.IBM X-Force analyzed and documented some 4,396 new vulnerabilities in the first half of 2010, attributing four percent of the disclosures to Apple, which put the Cupertino-based electronics maker at the top of the list.
Tracking the Mac maker was Microsoft at no. 2 on the list. The third position was occupied by Adobe Systems, mostly because of issues relating to Adobe Reader and Flash Player, eWeek reports.
"The continued prevalence of the Gumblar—the exploit tool kit/group—is still helping to secure top positions for Adobe products, but PDF and Flash exploits are extremely popular in many other exploit tool kits as well," an IBM spokesperson said.
"An interesting change from the second half of 2009 is that ActiveX has dropped off the top-five list, at least for now … Judging by what we have observed thus far in 2010, it is safe to assume that 2010 will be dominated by PDF exploitation," the spokesperson added.
"The leap in vulnerability disclosures relates to organizations taking a greater interest in exploitable software bugs as well as attackers continuing to develop their own infrastructure," said Tom Cross, manager of IBM's X-Force Advanced Research Team.
"An area that both whitehat and blackhat security researchers are focusing on is automated vulnerability discovery through approaches such as fuzzing,” Cross noted.
“Predicting disclosure increases into the future is going to be tricky for this reason and we may see the occasional plateau or decrease," he added.
HOT RIGHT NOW