Operating system vulnerabilities remain high

Microsoft was the software company with the most vulnerabilities among the top 20 most vulnerable products during the three months ending in July, according to Flexera Software’s latest Vulnerability Update.

The report found that Microsoft was responsible for 518 of the 2686 vulnerabilities discovered among the top 20 products. Top 20 products were classed as the software with the highest number of vulnerabilities reported for each of the three months.

The four Microsoft products in the top 20 were Windows 10, Windows Server 2012, Windows 8 and Windows RT.

According to Kasper Lindgaard, director of Secunia Research at Flexera Software, this shows that the overall rate of vulnerabilities remains high — particularly in operating systems.

“[This underscores] the need for users to be diligent about patching their operating systems,” he said.

“The good news is, that is exactly what is happening. In our recently released Country Reports, the number of private PC users with unpatched Windows operating systems declined to 6.3%, down from 12.5% the previous year.”

Interestingly, it wasn’t an operating system that was responsible for the highest number of vulnerabilities across the three-month period, but a niche hospital management software suite. Philips Xper Connect was responsible for 272 vulnerabilities.

Lindgaard noted that the healthcare sector “is a prime target for hackers looking to harvest protected health information and personally identifiable information for trading in the underground markets”.

For this reason, he said it is particularly important for healthcare providers to be aware of vulnerabilities that may exist in their own environments.

Image courtesy of 若昔难得 under CC