"The Waltham, MA company has been issuing annual
reports on Windows applications with the highest critical security
problems. The most recent press release identifies "the Dirty
Dozen," among which Firefox versions 2.x and 3.x rank at the top of
the list, followed by Adobe Acrobat 8.1.2 and 8.1.1, Microsoft
Windows Live (MSN) Messenger 4.7 and 5.1, Apple iTunes 3.2 and
3.1.2, and Skype 3.5.0.248.
"According to Bit9, these applications have a few things in
common. They run on Windows, are popular among users, and IT
organizations don't consider them potentially malicious. The
critical factors that put them on the Dirty Dozen list are that (a)
at least one security hole was found, (b) they usually rely on
users rather than IT admins to apply upgrades or patches, and (c)
they can't be centrally updated with free enterprise tools."