Apple, Oracle, Google Lead Major Vendors with Software Vulnerabilities in Q1, Security Report Says
By John P. Mello Jr.
Apple led all major technology vendors in reported vulnerabilities in its operating system and software during the first three months of 2012, according to a report released Tuesday by Trend Micro.
Apple reported 91 vulnerabilities during the period, making it number one among the top 10 technology vendors in the industry, said the report, “Security in the age of Mobility.” [PDF]
Trailing Apple were Oracle (78 vulnerabilities), Google (73), Microsoft (43), IBM (42), Cisco (36), Mozilla (30), MySQL (28), Adobe (27) and Apache (24).
In addition, Trend Micro reported that Apple issued a record number of patches to its Safari browser in March during the period. A year earlier, March was also a mammoth month for patches, with Apple addressing 93 vulnerabilities, a third of them characterized as “critical,” in its Leopard and Snow Leopard operating system.
Trend Micro also found in its quarterly security roundup that it found 5000 new malicious Android apps during the period. “With the increased use of smartphones for Internet access and the huge Android user base, the increase in attacks targeting the platform is thus not surprising,” the report said.
In recent days, Apple security received a black eye with the outbreak of the Flashback Trojan, which at its height infected more than 600,000 computers. Despite some innovative efforts by Apple to eradicate Flashback, recent tallies estimate that 140,000 Macs remain infected with the malware.
Meanwhile, Black Hats have started moving away from their initial vehicle for delivering Flashback—a vulnerability in Java for the Mac—and have begun boobytrapping Microsoft Word documents to spread the Trojan.