Home Apple’s Software for Windows Ranked # 1 in Total Number of Security Vulnerabilities

Apple’s Software for Windows Ranked # 1 in Total Number of Security Vulnerabilities

A report from Secunia shows that Apple has passed Oracle in the total number of self-reported software security vulnerabilities in its Windows XP and Vista products, such as iTunes and Safari. The report does not rank companies by severity of vulnerabilities, only number, so this does not mean Apple’s software is the highest risk – other sources indicate Adobe Reader may be the most dangerous. The report highlights the lack of improvements made by the software industry as a whole and the difficulties facing IT managers and consumers face in keeping software patched.

The top ten third party applications, ranked by total number of reported vulnerabilities:

1. Mozilla Firefox

2. Apple Safari

3. Sun Java JRE

4. Google Chrome

5. Adobe Reader

6. Adobe Acrobat

7. Adobe Flash Player

8. Adobe AIR

9. Apple iTunes

10. Mozilla Thunderbird

Apple has consistently come in higher than Microsoft, but this is the first year since Secunia started tracking vulnerabilities that Apple has topped Oracle. We’ve previously reported that Apple is beefing up its anti-malware capabilities in OSX.

According to F-Secure, Adobe Acrobat Reader and Microsoft Word were the most commonly attacked applications in 2009. Others report that Reader exploits are on the rise in 2010. This week, Adobe announced it will implement “sandboxing” to make Reader more secure.

According to the report, a typical user has more than 66 programs from more than 22 different vendors installed. The report says 3rd party software is being increasingly targeted, yet most vendors don’t do automatic updating – they leave that to end users. “It appears that most vendors do not take signicant steps to secure their users and customers before active exploitation takes place on a larger scale where it starts to threaten the overall reputation of the business,” the report says.

Secunia plans to update its free personal tool Secunia PSI to actually update software and not just scan for potentially vulnerable software. Meanwhile, IT managers should look into enterprise patch management solutions. Patch management is one of the most time consuming and tedious IT security activities, but enterprises should make patching third party software a high priority.

Hat tip to Matt Asay and Ars Technica

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.