Software vulnerabilities reach milestone – Computerworld

The number of software vulnerabilities reached the highest point in 2014, the overwhelming majority of which are “patches” available on the day the issue was released, revealed annual study of security firm Secunia

The figures, taken from the tool Personal Software Inspector (PSI), reveal something disturbing:. if the correction (“patch”) is not available on the same day, it is unlikely that will be available for some time, forcing organizations to obtain alternatives and complicated fixes.

Among the suppliers that use open source libraries, many take weeks or even months to correct a small but growing number of failures serious findings that this class of software, a lazy approach that seems increasingly out of the security reality in the software area.

The Secunia reported a total of 15,435 software vulnerabilities last year, a number that has increased sharply since 2012, when it stood at around 10,000.

In 2014, the vulnerabilities were found in 3,870 applications from 500 suppliers, noting the complexity of corrections workload to be imposed on organizations.

Chrome, Google, and Solaris, Oracle, were the products with more vulnerabilities detected.