‘A high market share correlates with a high number of vulnerabilities’

Jul 13, 2010 09:45 GMT

Secunia, a leading provider of Vulnerability Intelligence and Vulnerability Management tools, has issued its Half Year Report for 2010 (PDF), which puts Apple above Microsoft in terms of bugs found in its products. Noting that “a high market share correlates with a high number of vulnerabilities,” the security firm believes that folks should stop regarding Microsoft products as the ones that pose the largest threat.

Secunia acknowledges that “Oracle (including Sun Microsystems and BEA Logic) ranked #1 in four out of five years overtaken by Apple in the first half of 2010, with Apple consistently ranking higher than Microsoft. Despite increased investments into the security of their products, none of the seven vendors who occupied the Top-10 group in 2005 as well as in 2010 managed to decrease the number of vulnerabilities discovered in their products. On the contrary, the vulnerability count of each of these seven vendors has increased to reach in 2009 between 136% and 440% of the 2005 count.”

“This analysis also supports the general perception that a high market share correlates with a high number of vulnerabilities,” the security vendor maintains. “Apple (iTunes, QuickTime), Microsoft (Windows, Internet Explorer), and Sun Microsystems (Java, now part of Oracle) consistently occupy the top ranks during the last five years, with Adobe (Acrobat Reader, Flash) joining the group in 2008.” According to Secunia, “Users and businesses must change their perception that Microsoft products pose the largest threat in order to allocate security resources effectively. General awareness on the risk of 3rd party programs must be established.”

The security firm also believes that, in order to allow users to automatically install security updates for a wide range of programs, new technology is needed.

Apple’s latest security update (version 2010-004) patched dozens of holes found throughout Mac OS X, as well as individual applications like iTunes and Safari. Apple also handles the patching of Java vulnerabilities, although it does so with a lag, something security experts have long slammed Apple for.