The Secunia Vulnerability Review 2014 is out and it’s interesting to see its major finding of vulnerability assessment of operating systems, browser and PDF readers. The Denmark based firm released the data in its annual report on software vulnerabilities covering the 50 most commonly used programs and operating systems.
Secunia Vulnerability Report on Operating Systems
Starting with the operating systems, the number of vulnerabilities reported in Microsoft’s Windows 7 and XP has almost doubled in the year 2013, similar to the figure of 2011. The vulnerability number reported were 102 for Windows 7 and 99 for Windows XP. These were 50 and 49 respectively in the year 2012.
Windows 8 has been identified with most vulnerabilities, however, this high figure is due to the integration of Adobe System’s Flash Player into the Internet Explorer browser, which accounted for 55 of those problems.
Secunia Vulnerability report on Third Party software
The report noted that In 2013, 75.7% of the vulnerabilities affecting the Top 50 programs that make up the representative software portfolio affected third-party programs. This means that 24.3% of the remaining vulnerabilities in the Top 50 programs installed on the computers of PSI users, stem from the Windows 7 operating system and Microsoft programs. The third-party results represent a decrease compared to the previous year – 2012 – when vulnerabilities in third-party software accounted for 86%.
Browser Vulnerability decreased in 2013
Secunia tested vulnerability of five most popular browsers (Internet Explorer, Google Chrome, Mozilla Firefox, Opera and Safari) and the overall data shows that there were 727 vulnerabilities in these browsers in 2013 compared to 893 in 2012 – a year-on-year decrease of 18.6%. The majority of these vulnerabilities were rated as ‘Highly Critical’.
Adobe Reader amounts for largest vulnerability
Secunia Vulnerability report mentions that out of the five most popular PDF readers ( Adobe Reader, Foxit Reader, PDF-X Change Viewer, Sumatra PDF and Nitro PDF Reader ) tested by Secunia, Adobe Reader who enjoys almost monopoly-like share of the market was found with the largest amount of vulnerabilities: 67 in 2013 – with about a third of its users leaving it unpatched despite this fact.