I came across an article yesterday at secunia.com. Secunia is a leading provider of Vulnerability Intelligence and tracks the evolution
of security threats. They have posted their Half Year Report 2010 which includes some interesting trends and statistics. This
information may be of interest to some of our readers so I thought it might make an interesting diary.
The key highlights of the Secunia Half Year Report 2010 are:
Since 2005, no significant up-, or downward trend in the total number of vulnerabilities in the
more than 29,000 products covered by Secunia Vulnerability Intelligence was observed.
A group of ten vendors, including Microsoft, Apple, Oracle, IBM, Adobe, and Cisco, account on
average for 38 percent of all vulnerabilities disclosed per year.
In the two years from 2007 to 2009, the number of vulnerabilities affecting a typical end-user
PC almost doubled from 220 to 420, and based on the data of the first six months of 2010, the
number is expected to almost double again in 2010 to 760.
During the first six months of 2010, 380 vulnerabilities or 89% of the figures for all of 2009
has already been reached.
A typical end-user PC with 50 programs installed had 3.5 times more vulnerabilities in the 24
3rd party programs installed than in the 26 Microsoft programs installed. It is expected that
this ratio will increase to 4.4 in 2010.
The report does a good job of discussing the current trends and statistics and highlights what they are seeing for vulnerabilities.
To review thefull report you canseecheck it out athttp://secunia.com/gfx/pdf/Secunia_Half_Year_Report_2010.pdf.
Deb Hale Long Lines, LLC
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.