Check the Browser

Number of Serious Software Vulnerabilities Has Increased in 2015

In 2015 fewer software security vulnerabilities were reported worldwide than in the previous year. But at the same time the number of published vulnerabilities with a high level of severity has increased - according to an analysis performed by the German "Hasso Plattner Institute" (HPI), named after Prof. Hasso Plattner. Plattner has been successfully linking business and science for decades. He is known for his achievements as the co-founder of SAP (near Karlsruhe) – with its more than 66,000 employees worldwide – as well as for his social commitment.

HPI School of Design Thinking  Photo: HPI
HPI School of Design Thinking  Photo: HPI

In the last twelve months alone at least 5,350 reports of software vulnerabilities have been registered or updated. In 2014 there were about 7,200 such vulnerabilities reported. The computer scientists’ overview shows that in comparison to the previous year there were more vulnerabilities with a high level of seriousness (i.e., about 2,000 in comparison to almost 1,800). There were markedly fewer indications of so-called vulnerabilities of a medium degree of severity, with about 2,800 registered in 2015. In 2014 around 4,800 were registered. There was little change in the amount of information on software vulnerabilities with minor impact.

At the same time, the HPI database for IT attack analysis (hpi-vdb.de) registered approximately 7,000 new software products and 400 new manufacturers in the course of 2015. More than 73,100 pieces of information on vulnerabilities are stored, which report on nearly 180,000 affected software programs from at least 15,500 manufacturers. “Computer users need to remain vigilant in regard to the security situation surrounding software,” said HPI director Prof. Christoph Meinel. Every possibility should be used to update operating systems, Internet browsers, and other software applications in order to eliminate vulnerabilities, the Potsdam computer scientist said.

In the HPI database, the essential and freely available information published in the Internet on software vulnerabilities and problems is integrated and combined. The classification of vulnerabilities by criticality is based on the free, open, and heavily used industry standard CVSS (Common Vulnerability Scoring System). “We are not able to make statements about how many unknown, or as yet undiscovered vulnerabilities are hidden in a software,” said institute director Meinel.

He pointed out that all Internet users can check their browser free of charge at the website hpi-vdb.de. Using self-diagnosis, users can check their browser for detectable vulnerabilities, which are often used to the advantage of cyber criminals to carry out attacks. The HPI system detects the browser version used—including common plugins— and displays a list of known vulnerabilities. Software for the display of web content is used most frequently by hackers for attacks. The user moves through the Internet with a browser and consequently provides a starting point for attacks. HPI plans an expansion of the self-diagnosis service to other installed software. (ps)

Infos: https://hpi-vdb.de/vulndb/

india india india india india india india india india india india india india india india india india india india

Topbeitrag

Anlaufstelle in Pune

 

Direkte Ansprechpartner
Die Kooperation zwischen Karlsruhe und dem indischen Pune ist einen Schritt weiter: Im Januar 2014 wurde im MCCIA Trade Tower, 403, Senapati Bapat Road, eine direkte Karlsruher Anlaufstelle in Pune eröffnet. Erste Ansprechpartner dort sind die Repräsentantinnen Iris Becker und Winnie Kulkarni von Let's Bridge IT, die rund um den Standort Karlsruhe informieren, aktiv Kontakte zu indischen Firmen halten - und dazu auch deutsche Firmen aus der TRK in und um Pune bekannter machen.


"Wir freuen uns, dass wir hier einen festen Standort haben. Das bringt unsere Kooperationen einen Schritt weiter", so der Tenor.
Auch von indischer Seite wurde dieses Engagement vor Ort schon mehrfach besonders gewürdigt: Eine gute Basis für weitere enge Kooperationen.

 

International Convention Centre Complex,
Karlsruhe Cooperation & Marketing Office
Let's bridge IT, Ms. Iris Becker
MCCIA Trade Tower, ICC Complex, 403 A
A-Wing, Ground Floor
Senapati Bapat Road
Pune - 411016, Maharastra - India
Tel: +91 75 0782 7033