Apple's security shame

IBM’s X-Force security threat report for the first half of 2010 lists Apple, Microsoft and Adobe Systems as the top three makers of products with the most vulnerabilities.

While the inclusion of Adobe and Microsoft will come as no surprise, the failure of Apple’s security should be a huge embarrassment to an outfit whose followers claim they have the most secure bit of kit in the world. Particularly as the report clearly identifies Jobs’ Mob as peddling the worst that humanity has come up with.

IBM’s X-Force said the number of disclosed vulnerabilities during the first half of 2010 shot up 36 percent from the same period the previous year with 4,396 new vulnerabilities in the first half of the year.

Apple accounted for four percent of all disclosures making it the world’s worst performer on security. Microsoft is a number two, but this was ever so.  Adobe Systems gets the bronze thanks to a burst of problems involving Adobe Reader and Flash Player. Last year Adobe was ranked at nine, but that was before it became the attack vector of choice at the beginning of the year. Until then ActiveX was a favoured target, but the hackers seem to have lost interest.

While Microsoft had the worst type of security holes in sheer numbers, Linux took the top spot, with Apple coming in at two on that score.

Vendors did not seem to be particularly keen on patching flaws either. More than half of the vulnerabilities had no vendor-supplied patch at the end of the period, IBM said. Oracle was the worst with 24 percent of unpatched bugs. Microsoft was second highest with 23.2 percent.