Vulnerability disclosure hits record levels

More vulnerability disclosures were made in the first half of 2010 than ever before for such a period, according to IBM research.

Vulnerability disclosures reached record levels in the first half of 2010, with most security holes lacking vendor patches, a report has shown.

In total, IBM's X-Force Research and Development team recorded 4,396 new vulnerabilities over the first six months of 2010, representing a 36 per cent rise over the same period in 2009.

More than half of these flaws did not have a vendor-supplied patch by the end of the period.

The spike in disclosures might be the product of some of the work happening at software companies, which are hopefully putting more effort into trying to identify threats, patch them and then inform the public, said Tom Cross, manager of the X-Force team.

"It might actually be a good sign that we've seen an increase in vulnerability disclosure but for us it certainly makes the days longer," Cross said.

Steve Robinson, general manager of IBM Security Solutions, added: "This year's X-Force report reveals that although threats are on the rise, the industry as a whole is getting much more vigilant about reporting vulnerabilities."

Vendor differences

The X-Force team reviewed the vendors with the most disclosures and discovered Sun Microsystems had the worst patch rate for the first half of 2010, with 24 per cent of vulnerabilities unpatched by the end of that period.

Microsoft did not fare much better, with 23.2 per cent of security holes lacking a fix.

Adobe, which plugged security holes in its Reader and Acrobat software this month, only had 2.9 per cent of bugs unpatched.

Google had the worst rate when it came to vulnerabilities with critical and high ratings, with 33 per cent patchless by the end of the period. Apple was the best performer in this category with none left unpatched.

Of all disclosures of vulnerabilities in operating systems ranked critical and high, Microsoft reported more than any other major vendor.

Almost three-quarters of all such disclosures came from Microsoft, with Linux far behind in second on 16 per cent.
