Security Advisor

Apple's OSes Top 'Most Vulnerable' List of 2014

According to a list of OS vulnerabilities, Apple's desktop and mobile platforms fared the worst last year.

In a report by security firm GFI Software, Apple's Mac OS X had 147 vulnerabilities (with 64 labeled as "high vulnerabilities") and iOS had 127 total flaws (32 being "high vulnerabilities").  Both the Apple products claimed the top two spots for most security flaws in 2014.

Just behind Apple's iOS was the Linux Kernel, with 119 vulnerabilities. The open source platform did not perform so well in a year that brought us high-profile security issues like Shellshock and Heartbleed. "2014 was a tough year for Linux users from a security point of view, coupled with the fact that some of the most important security issues of the year were reported for applications that usually run on Linux systems," read the report.

While Microsoft's Windows OS escaped landing in the top three spots in terms of flaws, the rest of the top-10 list is made up of the company's offerings, with Windows Server 2008 coming in at No. 4 with 38 vulnerabilities (24 labeled as high). Still, the company's overall vulnerability count was relatively low compared to the bronze-grabbing Linux Kernel and Apple.  In fact, despite populating seven of the 10 spots, Microsoft's total number of vulnerabilities was 248 -- 26 less than the total number of vulnerabilities on Apple's mobile and desktop platforms.

Still, OS issues paled in comparison to third-party application vulnerabilities. "Third-party applications are the most important source of vulnerabilities with over 80 percent of the reported vulnerabilities in third-party applications. Operating systems are only responsible for 13 percent of vulnerabilities and hardware devices for 4 percent," according to GFI Software.

Even though it had a strong OS flaw track record, compared to Apple and Linux, Microsoft's Internet Explorer was the most vulnerable application last year, with 242 vulnerabilities (220 of them labeled high). Two other Web browsers came in right behind IE: Google's Chrome came in with124 vulnerabilities and Mozilla Firefox had a total of 117 for last year.

Overall, it was not a good year for found vulnerabilities. GFI Software pointed to the fact that 7,038 issues were added to the National Vulnerability Database (NVD) in 2014, which was quite a jump up from the previous year's 4,794 issues . The only positive takeaway from these numbers were the fact that while the overall quantity increased, the percentage of those rated high was down, year-over-year, to 24 percent.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Cloud Services Use on the Rise But Security Concerns Remain

    A recently published industry report suggested that use of public cloud services by organizations may nearly double in the next two years.

  • OneDrive Users To Get Storage Options, Plus New Personal Vault

    Microsoft announced a few OneDrive enhancements, including storage-option additions, plus a new "Personal Vault" feature for added security assurance.

  • Cloud Services Starting To Overtake On-Prem Database Management Systems

    Database management system (DBMS) growth is happening more on the cloud services side than on the traditional "on-premises" side, according to a report by Gartner Inc.

  • How To Replace an Aging Domain Controller

    If the hardware behind your domain controllers has become outdated, here's a step-by-step guide to performing a hardware refresh.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.