Firefox tops in most vulnerable apps

Most Commented

Environment Day Spl: How green is our 'gadget' life?

Enterprise Optimization Series

Bringing together the CIOs and Solution providers to explore new & unique ways of "Aligning IT investments with Business Benefits"

Know More..

SMB Central for SMBs

Communications, Networking Guide and resources on Telepresence and Video Conferencing and much more for SMBs of India.

Know More..

Firefox tops in most vulnerable apps

Bit9 identifies 'The Dirty Dozen' - 2008's most popular applications with critical security vulnerabilities reputable programs found vulnerable; security gaps often left unaddressed

Tuesday, December 16, 2008

Email This

Print This

Comments

RSS

WALTHAM, USA: Bit9, Inc., the pioneer and leader in Enterprise Application Whitelisting, unveiled its annual ranking of popular consumer applications with known security vulnerabilities.

Acording to the report published by Bit9, Open source web browser Mozilla's Firefox has earned the title of the most vulnerable software program running on the Windows platform followed by twelve widely deployed desktop applications.

The list this year expanded to include 12 applications, up from 10 last year, due to the increase in vulnerabilities and the popularity of applications such as Skype and Yahoo! Assistant those are often used by employees within an enterprise.

Top 12 applications with known vulnerabilities include:

- Mozilla Firefox, versions 2.x and 3.x
- Adobe Acrobat, versions 8.1.2 and 8.1.1
- EMC VMware Player,Workstation and other products
- Sun Java Runtime Environment (JRE)
- Apple QuickTime, Safari & iTunes
- Symantec Norton products
- Trend Micro officescan
- Citrix Products
- Aurigma Image Uploader, Lycos FileUploader
- Skype
- Yahoo! Assistant
- Microsoft Windows Live (MSN) Messenger

Each application on the list has the following characteristics:

* Runs on Microsoft Windows.
* Is well-known in the consumer space and frequently downloaded by individuals.
* Is not classified as malicious by enterprise IT organizations or security vendors.
* Relies on the end user, rather than a central IT administrator, to manually patch or upgrade the software to eliminate the vulnerability, if such a patch exists.
* The application cannot be automatically and centrally updated via free Enterprise tools such as Microsoft SMS & WSUS.

"Year after year, we see a growing number of applications within the enterprise creating security vulnerabilities that are easily prevented through better visibility across endpoints, and a more centralized patch-management process," said Harry Sverdlove, chief technology officer, Bit9 Inc.

"2008 has been no exception. This year, along with the widely reported huge increase in malware, the number of well-known applications causing security problems for companies has also increased. Our annual ranking now covers 12 applications, up from 10 last year," he added.

©CIOL Bureau

Would you like to on this article?

Be first to comment on this article

Name
Email
Your reply

Environment Day Spl: How green is our 'gadget' life?

iPhone 3GS jailbreak app released

Facebook launches India developer contest

Oracle unveils Fusion Middleware 11g

Facebook for iPhone, coming soon

Progress s/w intros open integration platform

	Better Project Management using System Engineering
	Developer Challenge: Participate to win Apple MacBook!

	Single appliance for workload protection from Novell
	Barrier breaking technologies for your next level of business

	The Best opportunities coming up on CIOL
	Enterprise Optimization Series: Meet the Top CIOs
	Cut the Clutter with CIOL Custom Sites