The software programs Google Chrome and Oracle Solaris surpassed Microsoft’s Internet Explorer in having the most vulnerabilities last year, according to Secunia, an IT security firm.
Bad news for IBM too: Big Blue’s software took 40 percent of the Top 20 most insecure applications.
Secunia recorded 15,435 software vulnerabilities in 3,870 applications during 2014, and found Chrome to be responsible for 504 of those, giving the browser an unfortunate first place on this list. Unix operating system Solaris was found to have 483 vulnerabilities, followed by Gentoo Linux (350) and Microsoft’s Internet Explorer (289).
IBM dominated the list, though, with eight entries. As CNET writes, Tivoli Endpoint Manager was Big Blue’s worst performer, with 258 vulnerabilities earning it 8th place. It was followed by Tivoli Storage Productivity Center (231), IBM Websphere Application Server (210), IBM Domino (177), IBM Lotus Notes (174), IBM Tivoli Composite Application Manager For Transactions (136), IBM Tivoli Application Dependency Discovery Manager (136), IBM Tivoli Application Dependency Discovery Manager (122), and IBM Websphere Portal (107).
The biggest security crises of the year focused on open source software with HeartBleed, SSL and ShellShock. Secunia wrote that these problems “brought attention to a previously neglected potential security issue: the use of open source applications and libraries in IT environments.” It adds: “It is therefore important to be aware of which open source libraries are in use in an environment, and to have a solid mitigation strategy in place. Because the applications that use these libraries are not always patched – often, they are not even reported vulnerable.”
Latest posts by (see all)
- 5 things law marketing can learn from the Kansas City Royals - November 6, 2014
- The 16 types of meeting that get work done - August 18, 2018
- LinkedIn tries to solve one of the oldest CRM challenges by adding Deals feature to Sales Navigator - August 17, 2018
- Mitel tells a 30-second case study about Major League Baseball to market its connectivity technology - August 16, 2018