Kaspersky: 12 different vulnerabilities detected on every PC

Summary:Researchers from Kaspersky have sampled their customer base, and found out that on average, every PC has 12 different vulnerabilities.

Researchers from Kaspersky have sampled their customer base, and found out that on average, every PC has 12 different vulnerabilities.

During the second quarter of 2011, the company saw 27,289,171 vulnerable applications and files detected on users’ computers, and detected an average of 12 different vulnerabilities on each computer.

Here are the vulnerabilities discovered:

  • Adobe Reader / Acrobat SING "uniqueName" Buffer Overflow Vulnerability
  • Sun Java JDK / JRE / SDK Multiple Vulnerabilities
  • Adobe Flash Player SharedObject Type Confusion Vulnerability
  • Adobe Flash Player Multiple Vulnerabilities
  • Adobe Flash Player Multiple Vulnerabilities
  • Sun Java JDK / JRE / SDK Multiple Vulnerabilities
  • Adobe Flash Player / AIR AVM2 Instruction Sequence Handling Vulnerability
  • Adobe Flash Player Unspecified Memory Corruption Vulnerability
  • Adobe Shockwave Player Multiple Vulnerabilities
  • Adobe Flash Player Unspecified Cross-Site Scripting Vulnerability

The company contributes the decline in Windows vulnerabilities, to improvements in the automatic Windows update mechanism and the growing proportion of users who have Windows 7 installed on their PCs. Moreover, Kaspersky Labs emphasizes on the fact that seven of the Top 10 vulnerabilities are found in one product only — Adobe Flash Player, and that vulnerabilities from 2007-2008 remain in the Top 10, with seven of the ten vulnerabilities were discovered in 2011, and the other three in 2010.

See also

With vulnerabilities found in Acrobat Reader and Adobe products clearly dominating the threatscape, end users and enterprise users should ensure that they are running the latest versions of their installed applications and browser plugins, at any time.

Topics: Hardware, Security

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.