Apple ranks top for vulnerabilities in 2010

New research finds bugs to be inevitable, but new applications are causing problems

More flaws were found in Apple's software than in any other vendors' over the first six months of 2010, according to vulnerability researchers at Secunia.

The Secunia Half Year Report 2010 (PDF) said that Apple beat long-term leader Oracle and steady third-placed Microsoft for the top spot on the vulnerabilities list.

However, the report found that the top 10 companies accounted for barely a third of all vulnerabilities, and that third-party applications caused a doubling of vulnerabilities on the average user's PC last year.

The huge increase in the number of third-party applications has fuelled a major rise in vulnerabilities with which the average user has to cope.

"This analysis clearly identifies vulnerabilities from third-party programs to be almost exclusively responsible for the increasing trend observed since 2007," the report said.

"Data from the first half of 2010 shows that third-party program vulnerabilities are the primary risk factor for typical end-user PCs."

The average number of vulnerabilities has risen from 220 in 2007 to around 420 in 2009. This has risen to 380 in the first half of 2010, and Secunia predicts the number will rise to around 760 for the year.

Overall, the company's research dating back to 2005 found that the general level of vulnerabilities in new code has not changed significantly, suggesting that companies have got as far as they can in bug testing first-generation software.

"At a large scale the security ecosystem appears to be in a state of equilibrium, but the current rate of common vulnerabilities and exposures suggests that software vendors are still unable to release vulnerability-free software," the report concluded.