Security vulnerabilities are on the rise and so too are the number of unpatched vulnerabilities.
According to IBM (NYSE:IBM), 2010 was a banner year for vulnerabilities with nearly 8,000 detailed during the year. The 2010 tally is a 27 percent year-over-year increase.
“We think attackers develop exploits shortly after vulnerabilities are publicly disclosed,” Tom Cross, threat intelligence manager at IBM X-Force told InternetNews.com. “Talking about the window of opportunity is important for vendors to make sure they deliver patches quickly and also to make sure that people that operate computer networks are installing the patches quickly.”
Cross noted that the increase in vulnerability reports is partly due to the amount of work that is going on in companies to identify software vulnerabilities.
Though the rising number of reported vulnerabilities can be seen in a positive light, there is another related trend that IBM is warning about. Cross noted that 44 percent of all security vulnerabilities did not have a vendor supplied patch by the end of 2010.
IBM did not however break down the patch data by type of application, as such it’s unclear as to which applications are the least likely to be patched.