Surprise! Mac OSX Most Vulnerable OS & IE Most Vulnerable Application In 2014
Surprise! Mac OSX, IE Leads The Most Vulnerable OS & Applications Chart In 2014!
In April, 2002, world’s first billionth computer was sold (Gartner Dataquest’s statistics); in 2007, the second billionth computer was shipped, and by the end of 2008, it was expected that 1 billion+ active Personal Computers (desktops and laptops) existed all over the world. As per Forrester, by the time 2015 ends, 2 billion active personal computers all over world would be in usage.
55% of all personal computers in the world are being run on Windows OS, 23% on Linux based OS and 17% on Apple OS (iOS/OS X). Considering that the preferences for operating systems are so varied and diversified, with usage increasing every hour, there are some interesting questions related with the vulnerabilities and security threats these OS receives.
Some of these questions are:
- Which Operating Systems are at maximum risk and threat?
- Which applications and browsers has most number of vulnerabilities last year?
- Which are the latest vulnerability trends worldwide?
- Are all vulnerabilities and threats high security threat or some can be omitted temporarily?
GFI, a security and research firm from US decided to find some answers related with the vulnerabilities associated with operating systems, software and web browsers.
They dug out the National Vulnerability Database (NVD), which is a “U.S. government repository of standards based vulnerability management data.” NVD is a product under National Institute of Standards and Technology (NIST), which is a non-regulatory agency of the United States Department of Commerce.
As per the research, it has been revealed that Apple’s Mac OS X reported the maximum vulnerabilities compared to other operating systems, whereas Microsoft’s Internet Explorer browser reported maximum threats.
Overall, 7038 new vulnerabilities and threats were reported into the NVD database, which means 19 new cases of security lapses every day.
Some major highlights from this interesting study of threats and security issues which can have major impact on the overall productivity of the IT sector:
– Compared to 2013, there were 46% more cases added in the NVD in 2014
– 24% of all vulnerabilities were high risk/high severity
– The best news: 80% of all reported security threats and bugs were reported from 3rd party applications. Operating Systems constituted only 13% and hardware devices resulted in 4% of all cases
– Apple Mac OS X reported 147 cases of vulnerabilities, out of which 64 were high severity. At #2 is Apple iOS with 127 cases; at #3 is Linux Kernel. However, if we add all Microsoft’s Operating Systems (besides Server), then the total number of vulnerabilities from Windows would be 172, compared to 147 from Mac.
– Now, if we combine all Windows, Apple OS and Linux, then it will be: 274: Apple Mac OS + iOS, 248: Windows Desktop + Server and 119: Linux Kernel. Hence, vulnerabilities associated with Apple’s OS is more compared to Microsoft’s Windows in every case.
– Microsoft’s Internet Explorer reported stunning 242 cases of vulnerabilities and bugs, out of which 220 were high severity. Comparably Chrome only had 124 reported cases of bugs and threats, Mozilla had 117. Oracle’s Java software also reported high number of vulnerabilities at 104, out of which almost 50% were high severity. Several free Adobe products such as Flash, Shockwave player etc also reported several threats and bugs.
As per GFI, IT Admins should focus on a priority list while securing their systems with patches:
- 1st Priority: Operating Systems (Windows, Linux, iOS/Mac)
- 2nd Priority: Web Browsers (Chrome, Mozilla, IE)
- 3rd Priority: Java
- 4th Priority: Adobe Free Products (Flash Player, Reader, Shockwave Player, AIR)