015
02
_ THREATS TO YOUR ORGANIZATION
Chart 2-I demonstrates that the most popular products
used by organizations were also the most susceptible to
cyberattacks. Oracle, Apple and Microsoft were the most
vulnerable system vendors in 2012.
Additionally, we found that Microsoft product related
security events were found in 68% of the test organizations.
Security events relating to other software vendors, such
as Adobe and Apple, were found in significantly fewer
organizations. It is interesting to note that although
Apple placed second in the amount of vulnerabilities
exposed, only a small percentage of organizations actually
experienced security events relating to Apple products.
2012 Top Vulnerabilities and
Exposures by Vendor
59
HP
62
PHP
80
Google
118
IBM
119
Cisco
119
Adobe
150
Firefox
222
Microsoft
260
Apple
384
Oracle
Our research shows that 75% of hosts in organizations were
not using the latest software versions (e.g. Acrobat Reader,
Flash Player, Internet Explorer, Java Runtime Environment,
etc). This means that these hosts were exposed to a wide
range of vulnerabilities that could have been exploited
by hackers. Our research also shows that 44% of hosts
in organizations were not running the latest Microsoft
Windows Service Packs. Service packs usually include
security updates for the operating system. Not running the
latest versions increases security risk.
CHECK POINT 2012 SECURITY REPORT
Hackers use various methods of attack to gain entry into the
system network. These are referred to as attack vectors. Chart
2-K lists some of the more prevalent attack vectors, with the
corresponding percentage of organizations that suffered
from them. Memory corruption, buffer overflow and denial
of service topped the list of most popular attack vectors
found in our research.
Chart 2-i
Source: Common Vulnerabilities and Exposures (CVE)
Security Events by Software Vendor
% of Organizations
3
%
HP
4
%
Apple
5
%
Apache
5
%
Novell
13
%
Adobe
15
%
Oracle
68
%
Microsoft
Chart 2-j
Source: Check Point Software Technologies
