Secunia has just released its Quarterly Country Reports/ Q4 2014
January 2015 by Secunia
Secunia has just released its Quarterly Country Reports/
Q4 2014. Also included
below is some interesting analysis and commentary from Kasper Lingaard,
Director of Research and Security at Secunia.
The reports break down how much and what type of vulnerable software is
currently installed on private PCs. In addition to the US Country report,
there are reports for 14 other countries as well.
Beyond any immediate use, I thought these reports might serve as a good
reference for anything you might be writing down the line tied to the
following topics:
– Software application programs installed (and by how many vendors)
– End-of-life programs installed
– Unpatched third party programs
– Origin of vulnerabilities
– Most exposed programs (and current market share of each)
– End of life programs
*Commentary and Analysis from Kasper Lingaard, Director of Research and
Security, Secunia*
"The vulnerability landscape is dynamic, despite a few vendors that almost
always report vulnerabilities within their products on a fixed schedule.
The fact that widespread products such as Internet Explorer and .NET
Framework listed in the Top 10 of the "Most Exposed" list is no big
surprise. When applications have a market share in the top quartile it only
takes a small set of unpatched instances before it appears on the list.
.NET is an essential framework required by many different applications. It
receives updates through Windows Update and has its vulnerabilities
disclosed via Microsoft’s normal Patch Tuesday cycle."
"The 248 vulnerabilities report in Internet Explorer during 2014 is
certainly an increase, seen over the last long period. It is too early to
conclude whether it is a bad or a good sign: is it because Microsoft is
becoming more focused on browser security? Is it a result of the "Internet
Explorer 11 Preview Bug Bounty"? Or is it just where (both sides of) the
industry has directed its focus in 2014?"