Sunday, July 25, 2010

Apple Top in World in Software Insecurity


Apple is the most security vulnerabilities in its software. Its a report by security company Secunia. Apple has displaced Oracle from 1st place. Apple had more reported flaws than any other vendor in first half of 2010. Microsoft retains its third-place spot. Secunia has tracked security vulnerabilities and issues advisories since 2002, producing periodic reports on the state of software. 


In term of top ten vendors account for some 38% of all flaws reported. As the report says that Apple is most insecure in its software, it does not necessarily mean that Apple's software is the most insecure in practice. The report takes no consideration of the severity of the flaws, it points at a growing trend in the world of security flaws: the role of third-party software. 
Generally Apple's flaws are not in its operating system, Mac OS X, but rather in software like Safari, QuickTime, and iTunes. Vendors like Adobe (with Flash and Adobe Reader) and Oracle (with Java) are similarly responsible for many of the flaws being reported.

This report includes cumulative figures for the number of vulnerabilities found on a Windows PC with the 50 most widely-used programs. Five years ago, there were more first-party flaws (in Windows and Microsoft's other software) than third-party. Since about 2007, the balance shifted towards third-party programs. This year, third-party flaws are predicted to outnumber first-party flaws by two-to-one. Secunia also makes a case that effectively updating this third-party software is much harder to do. 

Whereas Microsoft's Windows Update and Microsoft Update systems will provide protection for around 35% of reported vulnerabilities, patching the remainder requires the use of 13 or more updating systems. Some vendors like Apple, Mozilla, and Google, for example do have decent automatic update systems, but others require manual intervention by the user. 
soruce 


No comments:

Post a Comment