File Under: Web Basics

Apple, Microsoft Top List of Most Vulnerable Software

SoftwarevulnerablitiesA new study authored by IBM lists software from Apple, Microsoft and Joomla as the most vulnerable to attack. Apple takes the number one spot, but Microsoft, IBM and Sun are all in the top ten. Also noteworthy is the inclusion of web-based software like Joomla (number two) and WordPress, both very popular online content management systems.

Echoing a similar report from Sophos that came out in July, the IBM report shows one clear, overall trend: the number of vulnerabilities in our software is increasing.

The other interesting part of the report, which you can download in PDF form, is that attacks have largely shifted from operating systems to web application, hence the inclusion of Joomla, WordPress and Drupal.

The report also points out that, from a cracker’s perspective the web-based attacks are very highly publicized and offer more bang for your buck. That conclusion falls in line with the increasing number of automated SQL injection attacks we’ve seen in the past year.

So what’s a security conscious user to do? Well, as we pointed out in the recent Apple DNS debacle, you’re largely at the mercy of venders to update their software.

When security patches are available apply them. Beyond staying current, use your head; don’t do stupid stuff like opening unknown e-mails, browsing random Blogger.com sites or downloading files from untrusted sites. A bit of common sense can get you long way on the web.

[via CNet, image from IBM report]

See Also: