Print
Discuss
Send to friend
RSS feedsSecurity experts discovered over 600 new vulnerabilities and web-based threats in the first three months of 2005, according to the Sans Institute.
Although fixes for the flaws have been made available in most cases, the security watchdog warned that many systems remain unpatched.
"These critical vulnerabilities are widespread and many of them are being exploited right now in our homes and offices," said Alan Paller, research director at the Sans Institute.
The Institute's updated Top 20 Internet Security Vulnerabilities list can be seen here. All the flaws are characterised as 'critical'.
Among the newcomers are several non-Microsoft products, including media players from Apple and Real Networks, AOL's WinAmp, and antivirus products from F-Secure, McAfee, Symantec and Trend Micro.
The media players are all susceptible to buffer overflow attacks. Users could be infected by visiting a website containing malicious code. The flaw affects Windows and Mac OS users.
The antivirus flaws could offer a backdoor into a system that allows hackers to take remote control.
There were still plenty of Microsoft products on the list, however, including several versions of Windows, MSN Messenger and Internet Explorer.
The list included two vendors of enterprise applications. Oracle had to patch vulnerabilities in its database server, application server, E-business Suite and Collaboration Suite that would allow remote users access to information and control of databases.
Computer Associates suffered a security vulnerability in its Licence Package that put several of the vendor's software products at risk from a buffer overflow attack.
See also:
Unified threat management devices drive main growth, reports IDC 12 May 2005
Promise of World Cup tickets hides deadly payload 03 May 2005
The latest wave of cyber-crimes and acts of vandalism have demonstrated once again that many systems are still vulnerable to attack. 15 Apr 2004All Hacking
del.icio.us
Digg this
reddit!
