SANS issues vulnerability top 20

Annual study of security risks finds software and humans present dangers.

The SANS Institute has released its annual survey of vulnerabilities putting computer systems and networks at risk, finding increasing threat levels in server and client side software as well as a growing trend of risks emerging from human nature rather than programming flaws.

The study discusses problems with browsers, email clients, office software and media players on the client side, and web applications, services offered by the operating system, databases and backup systems on servers, as well as highlighting an increased emphasis on exploitation of flaws in security software. At a more human level, inappropriate use and configuration of software as well as the dangers of social engineering are analysed.

A summary of the findings, including free links to check for vulnerabilities and measure web attack levels, is at SANS here, with full details of the study here

Tags: risks, sans, survey, vulnerability. Posted on 29 November 2007 by Virus Bulletin.

 del.icio.us  digg this! digg this

Quick Links

Poll
Should software vendors extend support for their products on Windows XP beyond the end-of-life of the operating system?
Yes - it keeps their users secure
No - it encourages users to continue to use a less secure OS
I don't know
Leave a comment
View 24 comments

VB2014 sidebar

VB100 certification
VB100 For the first time in living memory, this test saw a clean sweep of certification passes, with all products reaching the required standard for a VB100 badge, and most also doing well in terms of stability.
See full results.

Virus Bulletin currently has 231,351 registered users.