Most Extensive Real-World Vulnerability Research
Apr 23, 2009, 21:07 (0 Talkback[s])
WEBINAR:
On-Demand
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
[ Thanks to An Anonymous Reader for
this link. ]
"The Laws 2.0 reveals vulnerability half-life,
prevalence, persistence and exploitation trends for five critical
industry segments including Finance, Healthcare, Retail,
Manufacturing and Services. These trends were drawn from a
statistical analysis of more than 680 million vulnerabilities out
of which 72 million vulnerabilities are critical, generated by 80
million scans during 2008.
"The Laws derived from this research are:
"1. Half-Life - The half-life of critical vulnerabilities
remained at 30 days across all industries. Comparing individual
industries, the Service industry has the shortest half-life of 21
days, Finance ranked second with 23 days, Retail ranked third with
24 days and Manufacturing ranked last with a vulnerability
half-life of 51 days.
"2. Prevalence - Sixty percent of the most prevalent and
critical vulnerabilities are being replaced by new vulnerabilities
on an annual basis. This number has increased from the 2004
research where it was 50 percent. The top stragglers according to
Laws 2.0 are MSFT Office, Windows 2003 SP2, Adobe Acrobat and Sun
Java Plug-in."
Complete
Story
Related Stories:
- Weekly Ten (4-20-2009): Web Herpes, Hackers Wanted, 20 Greatest Sci-Fi Movies(Apr 21, 2009)
- Vulnerabilities in Linux allow root privileges(Apr 16, 2009)
- New Attack Sneaks Rootkits Into Linux Kernel(Apr 15, 2009)
- Multiple holes in MIT Kerberos(Apr 09, 2009)
- PWN2OWN: What's a Vulnerability Worth?(Mar 19, 2009)
- Database Security(Mar 18, 2009)
- Risk report: Four years of Red Hat Enterprise Linux 4(Mar 11, 2009)
- Adobe Flash gets patch for critical flaw(Feb 25, 2009)
- Attack on SSL Users Discovered, Tool Sources Released(Feb 25, 2009)
- Secure Firefox With Seven Key Add-Ons(Feb 23, 2009)
- How to write a Linux virus in 5 easy steps(Feb 11, 2009)
