In spite of that, the Q2 Risk Based Security vulnerability report indicates clear signs of a return to the regular levels. Considering the latest numbers, as the year progresses, the total is likely to exceed that of last year’s.
Microsoft registers a 150 percent increase in the number of vulnerabilities
The latest report goes further into the details and mentions a few notable vendors and products with major vulnerability counts. A name that easily stands out is Microsoft. Is spite of being security conscious, it registers a 150 percent increase in the total number of vulnerabilities disclosed between January 1, 2020, and June 30, 2020, as compared to the first six months of 2019. A high degree of concern is given by the fact that no less than 30% of all vulnerabilities disclosed during the first half of 2020 do not have CVE ID. More specifically, 3% of them are still in the RESERVED status. This means that no information for those vulnerabilities is available within the CVE/NVD database at the moment: The 2020 Mid Year Vulnerability QuickView Report also points to Windows 10 as being the product with the most disclosed vulnerabilities by the end of Q2. Organizations are increasing their own risk by relying on CVE to provide complete and timely data. The current level of vulnerability disclosures organizations face on a daily basis are more than CVE can handle, and it will only get worse. Brian Martin, Vice President of Vulnerability Intelligence, RBS Speaking of vulnerabilities, this trend was also observed by us during the Patch Tuesdays of 2020. That’s how our current year looks so far:
February: 99 CVEs March: 115 CVEs April: 118 CVEs May: 147 CVEs June: 139 CVEs July: 136 CVEs August: 146 CVEs
Are you worried about the increasing number of 2020 vulnerability reports? Let us know in the comments section below.
Name *
Email *
Commenting as . Not you?
Save information for future comments
Comment
Δ
