STE WILLIAMS

And the prize for LEAST SECURE BROWSER goes to … Chrome!

More vulnerabilities were reported in Chrome last year than any other core software according to research which also found 2014 clocked record numbers of zero day flaws.

The Secunia Vulnerability Review 2015 report (pdf) is built on data harvested by the company’s Personal Software Inspector tool residing on “millions” of customer end points, each with an average of 76 installed applications.

It found the Choc Factory’s web surfer gathered more vulnerabilities than Oracle Solaris, Gentoo Linux, and Microsoft Internet Explorer which rounded out the top four among the analysed core products.

Chrome leads the browser pack with 504 reported vulnerabilities followed by Internet Explorer with 289 and Firefox with 171. Some 1035 flaws were reported across all browsers including Opera and Safari, up from 728 in 2013.

The security firm says Mozilla clocked the most number of un-patched users, followed by Chrome and Internet Explorer, although this could be because installed secondary browsers were often unused.

The report further reveals vulnerabilities increased 70 percent from 728 to 1035 by the end of 2014, with un-patched zero day flaws rising from 14 to 25.

Total vulnerabilities reached 15,435 relating to 3870 applications from 500 vendors. That is an increase of 18 percent over the reporting period and 55 percent since 2009.

Of those, 1698 (11 percent) are deemed highly critical and 43 (0.3 percent) are extremely critical.

More than half of Foxit PDF users did not apply patches, compared to 32 percent of users of the utterly dominant Adobe Reader. The Flash factory produced 43 vulnerabilities that year compared to a mere two for Foxit.

Some 83 percent of vendors patched their wares before vulnerabilities were publicly disclosed compared to half in 2009.

The report finds remote network attacks are more common (60 percent) than local vectors (33.4 percent). ®

Sponsored:
Designing and building an open ITOA architecture

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2015/03/26/chrome_trumps_all_in_reported_vulnerabilities/

  • 26/03/2015
  • adm
Comments are closed.