navigation bar left navigation bar right

Secunia CSI7
navigation left tab About us navigation right tab
navigation left tab Careers navigation right tab
navigation left tab Memberships navigation right tab
navigation left tab Newsroom navigation right tab
navigation left tab Contact us navigation right tab

HelpNet Article: Third-party software responsible for most vulnerabilities

Get this blog as an RSS Feed
13:50 CET on the 12th January 2011
Entry written by Secunia.

Most people owning a PC are familiar with Microsoft's patching process - it's easy and it's there. For a lot of them, it also gives the impression that Microsoft's products are chock-full of flaws.

But, according to Stefan Frei, Research Analyst Director with Secunia, it's not the vulnerabilities in Microsoft's products we should mostly worry about, but those in third-party software.

At the Infosecurity press event in London, Frei said that even though the number of discovered vulnerabilities has slightly decreased in the last two years, the worrying fact is that 84 percent of all those found in 2010 can be exploited from a remote location, and that 69 percent are tied to third-party products that may or may not have a quality patching mechanism in place.

The percentages reported are the result of Secunia's Annual Report for 2010, compiled by taking stock of the information gathered by their Personal Software Inspector - a tool designed to detect vulnerable and outdated programs and plug-ins.

According to this numbers, 55 percent of the end-point users have more than 66 programs from more than 22 vendors installed on their systems. Of the top 50 software used, 26 are developed by Microsoft, and the remaining 24 by 14 other vendors.

To read the rest of the article, please visit HelpNet at:

Discuss this news entry
A new thread in our forum is created. Activate the thread by commenting/discussing below.
Subject: HelpNet Article: Third-party software responsible for most vulnerabilities
No posts yet


You must be logged in to post a comment.

 Products Solutions Customers Partner Resources Company
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
Technology Partners
 About us

Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
Secunia © 2002-2015 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+