Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
There Have Been Over 16,000 Software Bugs Detected in 2015
#1
Security bugs become ubiquitous, especially in browsers

In 2015, security researchers from Secunia detected 16,081 vulnerabilities in 2,484 software applications from 263 different vendors.

This represents a 2% increase compared to 2014, and a 39% rise compared to 2010. The numbers are bound to be higher in reality, if we take into account all currently available software, Secunia admitting the research included far less vendors than in the previous years, and also scanned fewer applications.

What Secunia's staff discovered was that during the past year, most of the detected bugs were categorized as less critical (45.6%), moderately critical bugs accounted for 25.5%, highly critical bugs for 13.3%, and only 0.5% of detected bugs were extremely critical.

More than half of security bugs can be exploited via the Internet

What's dangerous though is that 57% of these bugs could be exploited from a remote network, 35% from the local network, while only a small percentage (8%) required the attacker to launch his exploits from the victim's computer.

Most vulnerabilities were found in Google Chrome (516), followed by Adobe Flash (457), Adobe Air (306), Mozilla Firefox (254), Microsoft Internet Explorer (197), Microsoft Windows 7 (144), Adobe Reader (133), Apple iTunes (130), Oracle Java JRE (81), and Microsoft Excel (52).

As for zero-day vulnerabilities, as mentioned above, despite the smaller number of scanned applications and vendors, Secunia managed to find 23 zero-day bugs, three more than in 2014.

Browsers patch vulnerabilities in less than a month

More troubling is the fact that Secunia discovered 1,114 vulnerabilities in the five most popular browsers in 2015. With most of today's technology revolving around the Internet, browser bugs are becoming as dangerous, as OS-level issues.

But Secunia also noticed a good thing about browser vulnerabilities, and that is the fact that browser vendors are among the quickest to issue patches when a security flaw is discovered.

In the past two years, Secunia has seen that it takes browser vendors less than 30 days to issue a patch from the moment a vulnerability is detected, to when an update is available for download.

More details and in-depth statistics are available in the Vulnerability Review 2016 report by Secunia Research at Flexera Software.

Source
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Creative Cloud 2015 Downloads: Adobe CC 2015 Direct Links / Trials tarekma7 0 2,411 05-16-2016 , 09:33 AM
Last Post: tarekma7
  Known Bugs in Windows 10 Redstone Build 14279 - Kaspersky Software Not Working tarekma7 1 2,954 03-04-2016 , 10:37 PM
Last Post: clyde

Forum Jump:


Users browsing this thread: 1 Guest(s)