Position: Left for the proportion of unrepaired holes, the right to not repair the "key" and "high" risk ratio
SAN FRANCISCO, Sept. 1 early morning news, according to foreign media reports, last Wednesday IBM security research team published a major software maker of software security vulnerabilities on their own repair reports, and gain a position.
Rankings, IBM’s own software, 29% of the “critical” and “high” risk has not been fixed, for the major software vendors in the worst performance. And Google are both ranked in the best performance, so that all the open holes (including the critical and high-risk vulnerabilities) have timely patches.
The report published twice a year, mainly to track within six months the major software vulnerabilities and hacker attack exploited the situation, while the major software vendors to fix known vulnerabilities were investigated and ranked by the survey, including Microsoft, Apple, Oracle, Cisco and IBM own and so on.
The survey found that Microsoft first half of 2010, 23% of known software vulnerabilities have not been repaired, ranking first in the major software vendors, followed by Mozilla (Mozilla) of 17%, Apple 12%, IBM Sun 9% and 8%.
In the known “critical” and “high” risk ratio is not fixed, IBM in the first half of the figure as high as 29%, the highest ranking, followed by Oracle’s 22%, Novell 10%, 7% of Microsoft and HP’s 5%.
However, IBM in this survey did not distinguish between the use of loopholes and cyber crime from the security researchers discovered vulnerabilities. In fact, the survey most of the loopholes in the statistics is the so-called “white hat” hackers discovered, they will not use loopholes to attack, but only make the software more secure.
Reported, such investigation report urged the major software vendors are often able to fix known vulnerabilities in its software so as to enhance software security.
no comment untill now