Microsoft Wins Regrettable Prize: Most Vulnerabilities

Dec 04, 2015

A new report showing products with most vulnerabilities was released, and Microsoft is on the number one spot. This is the first time since the introduction of the report back in 2014, that IBM is not in the lead.

The report, entitled Vulnerability Update, was created by Flexera Software, a provider of next-gen software licensing, compliance, security and installation solutions for application producers and enterprises. It covers the top 20 products with most vulnerabilities in August, September and October 2015.

The total number of recorded vulnerabilities in the three Top 20’s was 2,450, and with 12 product entries, Microsoft products outnumber IBM’s eight product entries.

The Vulnerability Update is a recurring report based on data from Flexera Software’s Vulnerability Database. The report provides a Top 20 per month of products with the most vulnerabilities recorded over a three-month period, along with brief comments from Secunia Research at Flexera Software.

“The reason so many Microsoft products are in the Top 20 lists this time is that both Microsoft Internet Explorer and Microsoft Edge come bundled with Adobe Flash, adding the 35 Flash vulnerabilities listed in August to Windows 8 and upwards. This means that for Windows systems from 8 and later, the 35 vulnerabilities in Adobe Flash Player are added to the Microsoft vulnerabilities, resulting in these products climbing higher than they otherwise would,” explained Kasper Lindgaard, Director of Secunia Research at Flexera Software.

The report also touches on one of the new challenges facing the IT industry: the Internet of Things (IoT), which is bringing more internet-connected devices into businesses and the homes of consumers. IoT impacts both the ‘old’ IT guard – application producers, and the security community – and newcomers, like manufacturers creating Internet-connected intelligent devices, who must start integrating software security into their product strategy.

“With the IoT trend comes the necessity to educate businesses and consumers and get them to treat their connected devices – from telecommunications equipment and medical devices to toasters, thermostats and cars – like their PC’s, full of updateable software that can be vulnerable to hackers,” said Lindgaard, “We need to get businesses and consumers to start applying security updates to their devices, just as they should be doing to the software on their PCs and mobiles. The problem is, that even though we have been trying to get the “apply security updates” message across for more than 10 years, consumers still are not sufficiently aware that they need to do so.”

Author: Sead Fadilpašic
View the original article here.
Published under license from ITProPortal.com

 

 

 

adobe / IBM / ITProPortal / Microsoft / Partners / security / Technology

Comment

 

Understanding the risks and rewards of public sector cloud 

Download the Whitepaper now

Partner

24Newswire
Sign up to receive latest news

Twitter Feed

Why does pubsec ICT PR firm @MantisPR want to be at the upcoming #eventcentreUK THINK Digital Vendors 2016 event? https://t.co/3tE5o7aMmO
@24nbiz
Apr 01, 2016
@thinkdigicon supporter @Adv365 sets out its stall for tomorrow's landmark #gcloud event https://t.co/FQraJP2yyg
@24nbiz
Mar 21, 2016
@thinkdigicon supporter @Adv365 explains why it's supporting tomorrow's show https://t.co/2Wj3UECo9s
@24nbiz
Mar 21, 2016
@24n.biz: what's the final agenda for tomorrow's @thinkdigicon #gcloud @GOVUKdigimkt show? https://t.co/6CASi8lrnU
@24nbiz
Mar 21, 2016