SANS issues vulnerability top 20
Annual study of security risks finds software and humans present dangers.
The SANS Institute has released its annual survey of vulnerabilities putting computer systems and networks at
risk, finding increasing threat levels in server and client side software as well as a growing trend of risks
emerging from human nature rather than programming flaws.
The study discusses problems with browsers, email clients, office software and media players on the client side, and web
applications, services offered by the operating system, databases and backup systems on servers, as well as highlighting
an increased emphasis on exploitation of flaws in security software. At a more human level, inappropriate use and
configuration of software as well as the dangers of social engineering are analysed.
A summary of the findings, including free links to check for vulnerabilities and measure web attack levels, is at
SANS here, with full details of the study
risks, sans, survey, vulnerability.
Posted on 29 November 2007 by Virus Bulletin.
del.icio.us digg this