DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
January 28, 2021 
Main Menu
News archives

Who's Online
There are currently 172 people online.


Latest Reviews
ASUS ROG Strix B450-F Gaming Motherboard
Sonos Move
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse

Follow us

IBM: only 5% of bugs disclosed

Posted on Sunday, June 10 2007 @ 11:10:40 CEST by

Gunter Ollmann, a security director at IBM, says most people grossly underestimate the number of vulnerabilities in software they're using at home and at work. He says the 7,247 vulnerabilities that were disclosed last year were just the tip of the iceberg:
The issue, though, is that he estimates that there also were 132,115 undisclosed vulnerabilities discovered last year. That means only 5.48% of them were disclosed to the public.

"To be sure, 139,362 new vulnerabilities in a single year is a colossal number, but is it wrong?" asked Ollmann in his blog entry. "Too many people underestimate the number of vulnerabilities in the software they use at home and in the enterprise office. Public vulnerability disclosures provide only a small window into the total number of vulnerabilities uncovered on an annual basis."

What does that mean to the IT or security manager trying to protect their network?

"If you're basing your protection strategy upon keeping up solely with public vulnerability disclosures, you're missing almost 95% of the vulnerabilities actually out there (this year)," said Ollmann. "If your defense systems are designed to protect against specific vulnerabilities (i.e. signature-based), it probably means that it was designed to protect a subset of publicly disclosed vulnerabilities. Preemptive protection engines are needed for the remaining 97% of annual vulnerabilities."
Source: InformationWeek.



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2021 DM Media Group bvba