Symantec names top newly discovered vulnerabilities

Powered by SC Magazine
 

Internet security company Symantec has pinpointed what it believes are the top 10 newly discovered vulnerabilities during January.

Microsoft ISA Server 2000 H.323 filter remote buffer overflow vulnerability came in as number one on the company's list. This was followed by Multiple Vendor H.323 Protocol implementation vulnerabilities, and Linux Kernel do_mremap Function Boundary Condition vulnerability.

Symantec's list of top 10 was based on a range of criteria, including the vulnerability having an impact rating of moderate-high to high and being remotely exploitable. The vulnerabilities also had to affect widely deployed and well-known technologies and have a potential for hackers to exploit them as part of a blended threat, according to a statement issued by Symantec.

Tim Hartman, systems engineer director for Asia Pacific at Symantec, told iTnews that the biggest problem was that people don't always patch their systems. He said that if organisations haven't patched, a virus may take advantage of that vulnerability. "It's really maintenance that's a big problem at the moment," Hartman said.

"When there's a new threat, like Mydoom, people pay more attention to their systems and start patching...[although] large enterprises tend to be more secure than small organisations." This was because large organisations might have a chief security officer, while smaller companies tended to focus on one project at a time, he said.

Asked by iTnews to compare the situation to a year or so ago, Hartman said that the problem was that a lot more people were coming online, and because broadband was more prevalent people were always connected. "Before, viruses travelled relatively slowly...now if [you're] permanently connected you could be infected within 20 minutes," he said.


 
 
 
Top Stories
Matching databases to Linux distros
Reviewed: OS-repository DBMSs, MariaDB vs MySQL.
 
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Who'd have picked a BlackBerry for the Internet of Things?
[Blog] BlackBerry has a more secure future in the physical world.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  71%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  10%
TOTAL VOTES: 756

Vote