"Most Popular Applications with Critical Security Vulnerabilities" by Bit9

According to Bit9

"The list this year expanded to include 12 applications, up from 10 last year, due to the increase in vulnerabilities and the popularity of applications such as Skype and Yahoo! Assistant that are often used by employees within an enterprise.

Five of the top 12 applications with known vulnerabilities include:

  • Mozilla Firefox, versions 2.x and 3.x
  • Adobe Acrobat, versions 8.1.2 and 8.1.1
  • Microsoft Windows Live (MSN) Messenger, versions 4.7 and 5.1
  • Apple iTunes, versions 3.2 and 3.1.2
  • Skype, version


To read the rest - http://www.bit9.com/news-events/press-release-details.php?id=102

(Link for the full report - http://www.bit9.com/landing/2008vulnerableapps.php (You need to register).)

Say your thoughts.

P.S: I’ll give mine in a few. I’m just updating my system, as I just reformatted it. :slight_smile: See you in a bit.

My thoughts: iTunes suprised me. But after seeing so many videos and other documents considering the subject of how easy it is to use securityholes in Apples products, nothing suprises me so hugely as it would have suprised me before watching those documents.
Are Mozilla, Adobe, Windows, Skype, Apple and others aware of the securityholes in their products. If they are, has a patch been released? Where can we download it? Or are the software producers so lazy and careless that they’ll wait until other people/peoples have repaired the holes, and then they “steal” that patch to their own names by diferent methods, like paying a “big” amount of money to the people that repaired the holes, and release it when lot’s of malware and attacks have passed from these holes?

And yes, if patches have been released, it would be nice to know where for example can i download them for adobe products and firefox. iTunes searches for updates and updates itself (atleast mine does) when a update is released.

And gonna reformat my system soon also.

This iTunes version is SOOOOOO old. iTunes is on version 8 now. Skype is 3.8 stable and 4 beta.

Noticed it also after posting. Silly me. (:LGH)

The entire Bit9 thing is a joke.

Their criteria for inclusion on the list makes it a joke.

No software is 100%. Companies that are quick to respond and fix
problems openly are persecuted.
Companies that do nothing and leave problems unfixed hoping no one
notices get a free pass.

IE over FF give me a break. And no I ain’t nobody’s fanboi.
And yes, I do know what I’m talking about.

There’s my thoughts.
Do I sound mad, I hope not, It’s so hard to tell from the written word.