Symantec Internet Security Threat Report - Best Security Tips offers daily news, information, advices and tips about spyware, adware, viruses, trojans, web vulnerabilities, hackers, other threats    | Register now | Login
   
TIPS NEWS TOOLS DOWNLOADS MALWARE FORUM BOOKS FREE MAGAZINES FREE WEBCASTS & VIDEOS
Internet security & monitoring for networks - Dld trial!   Get A Free iPod   Bookmark and Share 
Best Tips
Security Scanner
Security Categories
Advertise With Us!
Latest Viruses / Threats
2009/12/24 0:00:00
2009/11/20 17:37:24
2009/11/20 17:37:24
2009/11/20 15:43:34
2009/11/20 15:43:34
Our Partners
Downloads
Professional Security Resources: Symantec Internet Security Threat Report (2/4)  
Author: Max : 2007/3/24 Printer Friendly Page Tell a Friend
Symantec Internet Security Threat Report 
Vulnerability Trends Highlights
  • Symantec documented 2,526 vulnerabilities in the second half of 2006, 12 percent higher than the first half of 2006, and a higher volume than in any other previous six-month period.2
  • Symantec classified four percent of all vulnerabilities disclosed during this period as high severity, 69 percent were medium severity, and 27 percent were low severity.
  • Sixty-six percent of vulnerabilities disclosed during this period affected Web applications.
  • Seventy-nine percent of all vulnerabilities documented in this reporting period were considered to be easily exploitable.
  • Seventy-seven percent of all easily exploitable vulnerabilities affected Web applications, and seven percent affected servers.
  • Ninety-four percent of all easily exploitable vulnerabilities disclosed in the second half of 2006 were remotely exploitable.
  • In the second half of 2006, all the operating system vendors that were studied had longer average patch development times than in the first half of the year.
  • Sun Solaris had an average patch development time of 122 days in the second half of 2006, the highest of any operating system.
  • Sixty-eight percent of the vulnerabilities documented during this period were not confirmed by the affected vendor.
  • The window of exposure for vulnerabilities affecting enterprise vendors was 47 days.
  • Symantec documented 54 vulnerabilities in Microsoft Internet Explorer, 40 in the Mozilla browsers, and four each in Apple Safari and Opera.
  • Mozilla had a window of exposure of two days, the shortest of any Web browser during this period.
  • Twenty-five percent of exploit code was released less than one day after vulnerability publication.
  • Thirty-one percent was released in one to six days after vulnerability publication.
  • Symantec documented 12 zero-day vulnerabilities during this period, a significant increase from the one documented in the first half of 2006.
  • Symantec documented 168 vulnerabilities in Oracle database implementations, more than any other database.


 Page: 1 2 3 4 
Return to Category | Return To Main Index
Professional Security Resources: Symantec Internet Security Threat Report (2/4)