The statistics used in this report are generated by the Kaspersky Security Network (KSN), a major innovation implemented in Kaspersky Lab personal products. The system is currently being adapted for implementation in Kaspersky Lab’s corporate product offerings.
Software and operating system vulnerabilities are among the most dangerous security issues, providing cybercriminals with opportunities to evade protection mechanisms and attack victim machines. Kido, the biggest epidemic of 2009, occurred because of a critical vulnerability in the Windows operating system.
Of the five most common vulnerabilities, the first two were identified in 2009, those in third and fourth place in 2008, and the Microsoft XML Core Services Multiple Vulnerabilities, which occupy fifth place, were identified back in 2007.
In terms of vulnerable files and applications detected on users’ machines, the most common in 2009 were vulnerabilities in Apple’s QuickTime 7.x, which was responsible for more than 70% of all vulnerabilities. This is reminiscent of 2008, when QuickTime made up more than 80% of all vulnerabilities, and led the rankings with this figure.[...]
In 2008, this graph was made up of 7 companies, but this number has now been reduced to four. Just as last year, Microsoft continues to lead with 10 vulnerabilities. This is not surprising, as we are looking specifically at the Windows platform. Nine out of the 10 vulnerabilities were found in applications which form part of Microsoft Office, such as Word, Excel, Outlook, PowerPoint, etc.
Apple’s four vulnerabilities were all found in QuickTime.
This data can be used to conclude that the situation remains the same as last year: the most vulnerable applications on modern Windows systems are still Microsoft Office and QuickTime.
However, Adobe is not far behind in the vulnerability stakes. All four vulnerabilities which were identified related to a single product: Adobe Flash Player. Two of these vulnerabilities were identified in 2009. Sadly, the situation has not improved since 2008, but actually worsened.
The list of the most dangerous applications for 2009 is as follows:
- Microsoft Office
- Adobe Flash Player