Showing posts with label Application Bugs. Show all posts
Showing posts with label Application Bugs. Show all posts

Saturday, December 19, 2009

Firefox and Adobe Reach the Top on Vulnerable Software List

Firefox reached the top of the most vulnerable software this year, while holes in Adobe software gained thrice the amount of holes that it had last year, according to statistics compiled by Qualys, a vulnerability management provider.
Qualys tallied 102 vulnerabilities that were found in Firefox this year, up from 90 last year. The numbers are based on running totals in the National Vulnerability Database.

However, the high number of Firefox vulnerabilities doesn't necessarily mean the Web browser actually has the most bugs; it just means it has the most reported holes. Because the software is open source, all holes are publicly disclosed, whereas proprietary software makers, like Adobe and Microsoft, typically only publicly disclose holes that were found by researchers outside the company, and not ones discovered internally, Qualys Chief Technology Officer Wolfgang Kandek said late on Wednesday.
"Operating systems have become more stable and harder to attack and that's why attackers are migrating to applications, he said. "Adobe is a huge focus for attacks now, around 10 times more than Microsoft Office. However, other widely used targets like Internet Explorer and Firefox are still far from secure."
Adobe customers will have to wait about a month for a fix to the latest critical zero-day hole in Reader and Acrobat.

The company announced on Wednesday it would not patch the vulnerability until its next scheduled quarterly security update release on January 12.

More Like This

Related Posts with Thumbnails