The number of vulnerabilities in the first half of 2010 was close to the number recorded in the whole of 2009, security notification firm Secunia reports.
Apple ranks first, ahead of runner-up Oracle, and Microsoft in the number of security bugs found in all their products in 1H 2010. During the first six months of 2010, Secunia logged 380 vulnerabilities within the top-50 most prevalent packages on typical end-user PCs, or 89 per cent of the figure for the entire year of 2009.
Secunia reckons the security threat landscape is shifting from operating system vulnerabilities to bugs in third-party applications. Secunia reckons a typical end-user PC with 50 programs installed will be faced with 3.5 times more security bugs in the 24 third party programs running on their systems than in the 26 Microsoft programs installed. Secunia expects this ratio to increase to 4.4 in 2010.
Patching to defend against these vulnerabilities is further complicated by the 13 different software update mechanisms running on each PC.
Between 2007 to 2009 the number of vulnerabilities affecting a typical client PC almost doubled from 220 to 420. Secunia reckons that will almost double again to reach 760 for 2010 as a whole.
Secunia's study can be found here (PDF). ®