Third-party applications accounted for almost 90 percent of vulnerabilities last year, a new report said.
Eighty-seven percent of the vulnerabilities found in the top 50 programs affected third-party programs such as Adobe Flash and Reader, Java, Skype, various media players and others outside the Microsoft ecosystem, according to the report from Danish vulnerability research firm Secunia.
That means the remaining 13 percent of the vulnerabilities “stem from operating systems and Microsoft programs,” according to Secunia’s “Vulnerability Review” report.
The number of flaws targeting Windows users rose 5.5 percent last year. The CVE count in Microsoft programs went down 21 percent from 2011 to 2012, a number the report attributes to Microsoft’s Patch Tuesday monthly software security update schedule.
The report also describes the efficiency of patching processes, writing that last year 80 percent of vulnerabilities had a patch available on the day they ended up disclosed, up from 72 percent in the year prior.
The firm detected nearly 10,000 vulnerabilities during the last year across 421 vendors, 20 percent of which Secunia deemed “highly critical.”
The basis of the information comes from data the firm gathered from millions of computers that had the security company’s Personal Software Inspector (PSI) installed over the last year.
Click here to register for a free report download.