Microsoft patching more critical vulnerabilities
Tuesday June 20, 2006 at 4:15 pm CST
Posted by Monty Ijzerman
If you have the feeling that Microsoft could be addressing more critical vulnerabilities, you may be right. Avert Labs has counted the number of vulnerabilities rated Critical and Important over the last 2 1/2 years and plotted them cumulatively by year:

The top graph shows that this year Microsoft has already addressed as many critical vulnerabilities as in the whole of 2005. The bottom graph shows that the number of important vulnerabilities has not changed significantly.
Last week we wrote that we may see the start of a vulnerability growth trend fueled by bounty programs and organized crime. While it is too early to tell, the statistics indicate that Microsoft seems to be addressing an increasing number of critical vulnerabilities.

October 31st, 2006 at 12:31 pm
[…] Trackback Today Microsoft addressed 18 vulnerabilities of which 14 are rated critical. One of the critical vulnerabilities, (MS06-035) Mailslot Heap Buffer Overflow vulnerability, can be remotely exploited by an anonymous user on Windows 2000 SP4 and Windows XP SP1. This vulnerability is the only worm candidate among the patched vulnerabilities today. The update for our graphs of last month is found below. The top graph shows that this year Microsoft has already addressed more critical vulnerabilities than in the whole of 2005. The bottom graph shows that the number of important vulnerabilities has not changed significantly. […]