Vulnerability disclosures reached record levels in the first half of 2010,according to the latest report from IBM‘s X-Force security team.
The team’s mid-year trend and risk report documented 4,396 disclosed software vulnerabilities in the first six months of the year, a 35 per cent increase on 2009. This was attributed to software vendors disclosing more data and the increased number of security researchers now focused on finding flaws in code.
“Throughout the software industry people have got the message about computer security and are doing more to identify vulnerabilities and as a consequence we are seeing more,” Tom Cross, manager at X-Force, told V3.co.uk.
“So, paradoxically, code is actually getting more safe, but on the other side we’re seeing more exploits.”
Of the 2010 disclosures by all software companies, over half still have no patch available, rising to 71 per cent for critical or high-ranking vulnerabilities. In the latter case, Google is the worst offender, with 33 per cent of these important flaws still unpatched.
However, by taking all flaws into account Sun is the worst offender, with 24 per cent of vulnerabilities unpatched.
For the first time in the report’s history, web application vulnerabilities have reached 50 per cent of all code flaws reported. However, the report found that the number of problems related to ActiveX has fallen sharply, something Cross attributed to efforts by Microsoft and others to sort out the issues with the controls.
As for operating system vulnerabilities, Microsoft had the lion’s share of critical flaws disclosed so far this year, with Linux, Apple and HP-UX all seeing significant falls. However, if all types of vulnerability are taken into account, Apple has had the worst year so far, with Linux following closely behind.
On the spam front, volumes have continued to grow rapidly and now stand at their highest level ever. However, in some good news, spammers have been forced to change tactics by government action in China.
'Sunlit wet sidewalk' provides evidence of methane rainfall on the north pole of Saturn's moon Titan
Methane rainfall indicates the start of the summer season in Titan's northern hemisphere
Scientists believe there could be other hydrides or superhydrides with super conducting properties
Resetting the telemetry circuits and associated boards brought the instrument back to operations mode
Fortnite news and updates: Flaw in Fortnite authentication could have helped attackers steal player login credentials
Attackers could have used Fortnite security flaw to buy in-game currency on players' stored credit cards