Symantec names top newly discovered vulnerabilities

Internet security company Symantec has pinpointed what it believes are the top 10 newly discovered vulnerabilities during January.

Microsoft ISA Server 2000 H.323 filter remote buffer overflow vulnerability came in as number one on the company's list. This was followed by Multiple Vendor H.323 Protocol implementation vulnerabilities, and Linux Kernel do_mremap Function Boundary Condition vulnerability.

Symantec's list of top 10 was based on a range of criteria, including the vulnerability having an impact rating of moderate-high to high and being remotely exploitable. The vulnerabilities also had to affect widely deployed and well-known technologies and have a potential for hackers to exploit them as part of a blended threat, according to a statement issued by Symantec.

Tim Hartman, systems engineer director for Asia Pacific at Symantec, told iTnews that the biggest problem was that people don't always patch their systems. He said that if organisations haven't patched, a virus may take advantage of that vulnerability. "It's really maintenance that's a big problem at the moment," Hartman said.

"When there's a new threat, like Mydoom, people pay more attention to their systems and start patching...[although] large enterprises tend to be more secure than small organisations." This was because large organisations might have a chief security officer, while smaller companies tended to focus on one project at a time, he said.

Asked by iTnews to compare the situation to a year or so ago, Hartman said that the problem was that a lot more people were coming online, and because broadband was more prevalent people were always connected. "Before, viruses travelled relatively slowly...now if [you're] permanently connected you could be infected within 20 minutes," he said.