In association with heise online

26 August 2010, 15:05

Number of critical, but unpatched, vulnerabilities is rising

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Zoom More vulnerabilities were discovered in the first half of 2010 than ever before.
Source: IBM
According to IBM's latest Security X-Force report on security risks and trends, more security vulnerabilities than ever before were discovered in the first half of 2010. An increase of 36% was seen compared to the first 6 months of the previous year. Developers are failing to keep pace with the rising number of vulnerabilities – the proportion of unpatched vulnerabilities at the end of the first half of this year rose from 52% to 55%. If the analysis is limited to vulnerabilities classified as critical or high risk, 71% remain unpatched.

Zoom The patching habits of companies variy substantially.
Source: IBM
The reaction of the 10 vendors, whose products topped the discovered vulnerabilities list, to security experts' disclosures varied a lot. Twenty four per cent of vulnerabilities remained unpatched after six months at Sun Microsystems, with Microsoft just behind in second place at 23.2%. Last year, Microsoft topped the list with 15.8%, while Sun failed to fix just 2.6% of reported vulnerabilities.

This time round, Mozilla took third place with 21.3%, followed by Apple with 12.9% and IBM with 10.3%. Google is a new entry in the list with 8.6%. By contrast Hewlett-Packard (HP), with 14.5% last year, has now dropped out of the top 10. Adobe came out of the study with the best figures, with just 2.9% of security vulnerabilities reported in the first six months of this year remaining unpatched.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit