015
02
_ THREATS TO YOUR ORGANIZATION
Chart 2-I demonstrates that the most popular products used
by almost all organizations around the globe are also the most
vulnerable – Oracle, Apple and Microsoft are the leading
vulnerable vendors.
Additionally we have found that security events
related to Microsoft products were found in 68% of
the organizations. Security events related to other
software vendors, such as Adobe and Apple, were found
in significantly fewer organizations. It is interesting to
observe that although Apple is second in the amount
of vulnerabilities, only a small percentage of the
organizations actually had security events related to
Apple products.
2012 Top Vulnerabilities and
Exposures by Vendor
59
HP
62
PHP
80
Google
118
IBM
119
Cisco
119
Adobe
150
Firefox
222
Microsoft
260
Apple
384
Oracle
Our research shows that 75% of hosts in organizations are
not using the latest software versions (for example: Acrobat
Reader, Flash Player, Internet Explorer, Java Runtime
Environment and more). The meaning is that these hosts
are exposed to wide range of vulnerabilities that can be
exploited by hackers. Our research also shows that 44% of
hosts in organizations are not running the latest Microsoft
Windows Service Packs. Service Packs usually include
security updates for the operating system. Not running the
latest Service Pack means a security risk.
CHECK POINT 2012 SECURITY REPORT
Hackers are using various techniques referred to as attack
vectors. Chart 2-K lists some of these attack vectors, according
to the percentage of organizations that suffered from them.
Memory Corruption, Buffer Overflow and Denial of Service
are the most popular attack vectors found in our research.
Chart 2-i
Source: Common Vulnerabilities and Exposures (CVE)
Security Events by Software Vendor
% of Organizations
3
%
HP
4
%
Apple
5
%
Apache
5
%
Novell
13
%
Adobe
15
%
Oracle
68
%
Microsoft
Chart 2-j
Source: Check Point Software Technologies
1...,4,5,6,7,8,9,10,11,12,13 15,16,17,18,19,20,21,22,23,24,...50