Secunia Half Year Report for 2010 shows interesting trends
I came across an article yesterday at secunia.com. Secunia is a leading provider of Vulnerability Intelligence and tracks the evolution
of security threats. They have posted their Half Year Report 2010 which includes some interesting trends and statistics. This
information may be of interest to some of our readers so I thought it might make an interesting diary.
The key highlights of the Secunia Half Year Report 2010 are:
- Since 2005, no significant up-, or downward trend in the total number of vulnerabilities in the
more than 29,000 products covered by Secunia Vulnerability Intelligence was observed.
A group of ten vendors, including Microsoft, Apple, Oracle, IBM, Adobe, and Cisco, account on
average for 38 percent of all vulnerabilities disclosed per year. - In the two years from 2007 to 2009, the number of vulnerabilities affecting a typical end-user
PC almost doubled from 220 to 420, and based on the data of the first six months of 2010, the
number is expected to almost double again in 2010 to 760. - During the first six months of 2010, 380 vulnerabilities or 89% of the figures for all of 2009
has already been reached. - A typical end-user PC with 50 programs installed had 3.5 times more vulnerabilities in the 24
3rd party programs installed than in the 26 Microsoft programs installed. It is expected that
this ratio will increase to 4.4 in 2010.
The report does a good job of discussing the current trends and statistics and highlights what they are seeing for vulnerabilities.
To review the full report you can see check it out at http://secunia.com/gfx/pdf/Secunia_Half_Year_Report_2010.pdf.
Deb Hale Long Lines, LLC
Keywords: Secunia Trends
3 comment(s)
×
Diary Archives
Comments
Not that this is a bad thing for Secunia. If they found more updates they'd have hit the 4.4 ratio already.
Brandioch Conner
Jul 14th 2010
1 decade ago
Secunia PSI is a security tool i.e. it only tells you about updates which are necessary to stay secure, thus giving you much less work than
if you had to update 10x as much using e.g. Filehippo.
While the tools may seem similar, they actually serve completely different purposes.
You can read more on the PSI download page:
"The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Attacks exploiting vulnerable programs and plug-ins are rarely blocked by traditional anti-virus and are therefore increasingly "popular" among criminals."
http://secunia.com/vulnerability_scanning/personal/
To better understand the difference between the Secunia PSI and tools like Filehippo etc. these reviews might be worth a read:
http://www.howfixcomputer.com/2010/06/02/updaters-revisited-cnet-techtracker-vs-secunia-psi/
http://www.howfixcomputer.com/2010/05/28/staying-secure-and-up-to-date-filehippo-update-checker-vs-sumo-vs-secunia-psi/
E.Jeppesen - Secunia Official
Jul 15th 2010
1 decade ago
That's why I prefer staying current on all apps, whether there are known, published vulnerabilities or not.
Brandioch Conner
Jul 15th 2010
1 decade ago