We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,131 News Articles

Report: security flaws rose again in 2006

Web apps blamed for worsening crisis

The number of reported security flaws jumped for the second year in a row in 2006. So says CERT, the Computer Emergency Response Team.

CERT said 8,064 vulnerabilities were reported last year, up from 5,990 in 2005. Much of the increase was accounted for by bugs turned up in web applications, which are becoming more widely used by individuals and businesses alike. The number of vulnerability notes published by CERT also rose: to 422 in 2006 from 285 the previous year.

Increases of a similar proportion were reported in other vulnerability databases, including the National Vulnerability Database, the Open-Source Vulnerability Database and the Symantec Vulnerability Database, according to Security Focus, part of Symantec. Symantec said that in the first half of 2006, more than three-quarters of the bugs reported affected web applications.

CERT said the trend partly reflects the growing ease with which vulnerabilities can be spotted, for instance using code search tools such as the one Google launched recently. In addition, the applications affected are not necessarily a direct threat to enterprises, often being used more by small businesses or individuals.

However, the figures reflect a real increase in the proliferation – and vulnerability – of web applications, CERT said. Such dramatic increases are not a long-standing feature of the IT landscape. After nearly doubling in 2003 to 4,129, the number of vulnerabilities reported to CERT dropped to 3,784 in 2004 and held almost exactly steady in 2005, before rising again.


IDG UK Sites

OnePlus Two release date rumours: Something's happening on 22 July

IDG UK Sites

13in MacBook Air review, Apple's MacBook Air 2014 reviewed

IDG UK Sites

5 reasons to buy an electric car and 5 reasons not to

IDG UK Sites

Evernote Skitch: the best way for creatives to doodle feedback