Secunia: this year discovered 15 zero-day vulnerabilities




This year there are fifteen zero day -kwetsbaarheden brought to the public: security vulnerabilities in software that have not been patched and therefore especially dangerous. This was reported by Secunia. Throughout 2014 thirty zero-day vulnerabilities were uncovered.

Almost all fifteen zero days were in software from Microsoft and Adobe, says security firm Secunia on the Black Hat security conference in Las Vegas; in one case it was a leak in Java. Flash was responsible for seven zero-days, three for Windows and Office for two. A large part of the zero-days came to light when internal data espionage business Hacking Team by an attacker were put on the Internet. Among those internal data were still unpatched security problems that Hacking Team abused to infect victims’ computers.

According to Secunia, the number of zero days found no cause for concern. It would, according to the company rather worrying as the number of detected zero days would decrease. That would mean that the zero days would remain under the radar and could be abused by companies like Hacking Team, thinks Secunia. Last year, 25 were discovered zero-days; the previous five years, the number of detected zero-days in the hundred most popular software packages each year between 15 and 26.

Furthermore, Secunia reports that there have so far 9225 security problems found in software, slightly less than the 9560 that were found last year. However, the number of bugs as “extremely critical” are labeled from 0.3 to 0.5 percent. The number of “very critical” bugs increased from 11.1 to 12.7 percent. The number of bugs that are labeled as ‘average’ decreased from 28.2 to 23.7 percent.

So far this year, eighty vulnerabilities found in iOS, compared with ten in Android. According to Secunia means that Android is far safer than iOS because Google has only limited control over the deployment of security updates. Apple may roll out security updates directly to users, but the Android device manufacturers and telecom providers responsible. “For users, it can take much longer before they are patched in iOS,” said Lindgaard opposite Tweakers. In addition, the difference can be explained by Apple also some apps like Safari patches via the operating system, whereas on Android via the Play Store or runs any other software store.


In: Technology & Gadgets Asked By: [15446 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »