IBM Software Vulnerabilities Spiked In 2013Most code flaws still involve non-Microsoft products, and overall patching speed has improved, study presented at RSA conference finds
Did the number of vulnerabilities reported in IBM products jump by 400% from 2012 to 2013?
That finding comes from a new study, released Wednesday by vulnerability management security firm Secunia at the RSA conference, of the top types of software vulnerabilities facing enterprise networks. That information is crucial for helping IT administrators prioritize which applications and operating systems to patch first.
Overall, Secunia received reports on 13,073 new vulnerabilities in software products in 2013 -- comprising 2,289 products from 539 different vendors -- and said 16.3% of the bugs were rated "highly critical," meaning they can be used to remotely exploit systems. Finally, 0.4% of the vulnerabilities rated as "extremely critical," meaning bugs that could remotely exploit systems and which were also being actively targeted by in-the-wild attacks.
Read the full article here.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
Mathew Schwartz served as the InformationWeek information security reporter from 2010 until mid-2014. View Full Bio