X hits on this document

PDF document

Symantec enterpriSe Security - page 17 / 97





17 / 97

Symantec Global internet Security threat report

Vulnerability Trends Highlights

  • Symantec documented 4,501 vulnerabilities in 2009. this is a decrease from the 5,491 vulnerabilities documented in 2008.

  • Mozilla Firefox was affected by 169 new vulnerabilities in 2009, more than any other browser; there were 94 new vulnerabilities identified in Apple® Safari®, 45 in Microsoft internet Explorer, 41 in Google® Chrome and 25 in Opera™.

  • Of the 374 vulnerabilities documented in Web browsers in 2009, 14 percent remain unpatched by the vendors at the time of writing. Of the 232 Web browser vulnerabilities documented in 2008, 18 percent remain unpatched.

  • Of all browsers Symantec analyzed in 2009, Safari had the longest window of exposure (the time between the release of exploit code for a vulnerability and a vendor releasing a patch), with a 13-day average; Internet Explorer, Firefox, and Opera had the shortest windows of exposure in 2009, averaging less than one day each.

  • There were 321 browser plug-in vulnerabilities identified in 2009, fewer than the 410 identified in

    • 2008.

      ActiveX technologies still constituted the majority of new browser plug-in vulnerabilities, with 134; however, this is a 53 percent decrease from the 287 ActiveX vulnerabilities identified in 2008.

  • the top attacked vulnerability for 2009 was the Microsoft Windows® SMB2 ‘_Smb2ValidateproviderCallback()’ remote Code Execution Vulnerability.

  • In 2009, Symantec documented 12 zero-day vulnerabilities, compared to nine in 2008.

Malicious Code Trends Highlights

  • Symantec created 2,895,802 new malicious code signatures in 2009, a 71 percent increase over 2008; the 2009 figure represents 51 percent of all malicious code signatures ever created by Symantec.

  • Of the top 10 new malicious code families detected in 2009, six were trojans, two were worms with back door components, one was a worm, and one was a virus.

  • Trojans made up 51 percent of the volume of the top 50 malicious code samples reported in 2009, a decrease from 68 percent in 2008.

  • Four of the top 10 staged downloaders in 2009 were trojans, two were worms that incorporated a back door component, three were worms, and one was a worm that incorporated a virus component.

  • in 2009, eight of the top 10 threat components downloaded by modular malicious software were trojans, one was a worm, and one was a back door.

  • in 2009, the proportional increase of potential malicious code infections was greatest in the Europe, the Middle East, and Africa region.

  • The percentage of threats to confidential information that incorporate remote access capabilities increased to 98 percent in 2009, a significant increase from 83 percent in 2008.

  • in 2009, 89 percent of threats to confidential information exported user data and 86 percent had a keystroke-logging component; these are increases from 78 percent and 76 percent, respectively, in 2008.

Tweet Tweet









Document info
Document views386
Page views386
Page last viewedSun Jan 22 10:47:39 UTC 2017