Software vulnerability patching is far too slow and leaves users at risk

  • 26 August 2014
  • 0 replies
  • 1 view

Userlevel 7
By: Mark Wilson/ P:osted on 8/26/2014
 
http://betanews.com/wp-content/uploads/2014/08/plug_holes.jpg
Security holes and vulnerabilities are to be expected, but not enough is being done to patch holes quickly enough. This is the conclusion of Heimdal Security who conducted analysis of software vulnerabilities. The security firm found that while security problems are on the increase, companies are failing to keep pace and issues remain unaddressed for too long. It's something that hackers are taking advantage of, and user data is being left at great risk. Heimdal Security found that between 60 and 90 percent of attacks from hackers take advantage of this fact.
A number of key culprits are singled out for particular attention -- names that will be familiar to most: Oracle Java Runtime environment, Adobe Acrobat Reader, Adobe Flash Player, and Apple QuickTime. The biggest offender, by quite some margin, is Java Runtime environment, blighted by 48 vulnerabilities in 2012, a staggering 180 in 2013, and 90 so far in 2014. According to CVE Details, the average severity rating for all of the vulnerabilities found in each of the four products. Using the CVSS (Computer vulnerability severity system), which rates issue severity on a 1 to 10 scale, the average rating is 7.8 for Java -- and that's the best of the bunch. Adobe's two products were rated 9.2.
 
betanews/full article here/ http://betanews.com/2014/08/26/software-vulnerability-patching-is-far-too-slow-and-leaves-users-at-risk/

0 replies

Be the first to reply!

Reply