With the seemingly endless torrent of new malware being created, one might expect a corresponding wave of patches. But no — apparently the patches aren’t keeping up. Sean Michael Kerner reports.
According to a new report from IBM (NYSE:IBM), 2010 was a good year — for new security vulnerabilities.
The annual IBM X-Force 2010 Trend and Risk Report reveals that in 2010, there was a 27 percent year-over-year increase in the number of new security vulnerabilities. In total, IBM documented more than 8,000 new vulnerabilities in 2010.
“In conjunction with that there was also a 21 percent increase in the public release of exploit code that targets vulnerabilities,” Tom Cross, threat intelligence manager at IBM X-Force told InternetNews.com. “This data means that we were busier in 2010 than 2009, it’s also indicative of the progress that has been made.”
Cross noted that the increase in vulnerability reports is partly due to the amount of work that is going on in companies to identify software vulnerabilities.
Though the rising number of reported vulnerabilities can be seen in a positive light, there is another related trend that IBM is warning about. Cross noted that 44 percent of all security vulnerabilities did not have a vendor supplied patch by the end of 2010.
Read the rest about security vulnerabilities at eSecurity Planet.