In order to predict what security threats are likely to emerge in the coming year, we need to look back in the closure of 2013.
What were the most vulnerable operating systems, apps and software operating last year?
According to a new GFI labs report released on Monday, last year, a number of high severity vulnerabilities were found in the most popular applications and operating systems in use. Using figures from the National Vulnerability Database (NVD), the researchers found on average, 13 new vulnerabilities per day were reported in 2013, for a total of 4,794 security vulnerabilities: the highest number recorded in the last five years. Roughly a third of these vulnerabilities were classes as "high severity."
In terms of vendor, Oracle leads the pack with 514 security vulnerabilities reported, and Java alone accounted for 193 vulnerabilities, over 100 of them deemed "critical." Cisco comes in second with 373 reported security flaws, and Microsoft accounted for 344, 248 of which are considered critical.
When it boils down to browsers, Internet Explorer was extremely vulnerable in the same manner as Java -- but Google Chrome was the third most vulnerable piece of software in 2013, increasing its vulnerability rating by 43 points. Mozilla's Firefox, however, did rather well last year, bringing down its number of vulnerabilities to 149, 96 of which are critical -- which cause far more damage when exploted than medium or low-risk security flaws, but a better record than Microsoft, Jave or Chrome.
Operating systems, naturally, were not left out as targets for exploitation. There has been an overall increase in the number of security flaws discovered in all modern operating systems although Microsoft has been issued the top spot; vulnerabilities found in Windows 7 in 2012 were greater by 58 records in 2013 as users transitioned from Windows XP. However, luckily for users, most of these security flaws are not critical.
The newest system, Windows 8, is a lucrative target for hackers, with the number of vulnerabilities found increasing from just five severe vulnerabilities in 2012 to 43 last year.