More than half of the security vulnerabilities disclosed during 2008 had no patches available from the vendor by the end of the year, according to a report released on Monday by IBM's X-Force research group.
Vendors with the most vulnerabilities discl osed in 2008.
(Credit: IBM X-Force)Meanwhile, 46 percent of vulnerabilities from 2006 and 44 proportion from 2007 still had no patch by the end of 2008, the 2008 X-Force Trend and Risk report said. X-Force documented a record nu mber of 7,406 new vulnerabilities last year.
While Microsoft is the vendor that tops the move in percentage of vulnerabilities disclosed, the Macintosh and base Linux kernel operating systems have dominated the top spots for vulnerabilities by o perating system over the past iii years, the report said.
Most of the email last year appeared to come from Russia (12 proportionality, followed by the U.S. (9.6 percent), and Turkey (7.8 percent), although the spam senders could be located in a different location, the report says.
China unseated the U.S. as the country hosting the largest number of malicious Web sites for the first time last year.
Meanwhile, 46 pct of all malware attacks last year were Trojans targeting people playing online games and doing online banking, and 90 percent of phishing attacks targeted financial institutions, according to the report.
Two main trends attackers used last year were SQL injection attacks, in which a small malicious script i s inserted into a database that feeds information to the Trap site, and malicious URLs hosting exploits.
The operating systems with the most vulnerability disclosures in 2008.
(Credit: IBM X-Force)Cheers~
No comments:
Post a Comment