Publication details

Home Publications Publication details

Response of Software Vendors to Vulnerabilities
Erebor G, Papadaki M
Advances in Communications, Computing, Networks and Security 6, ISBN: 978-1-84102-258-1, pp160-168, 2009
Can be ordered on-line.
Download links:  Download PDF

Software Security has remained a predominant issue with the most experienced defeat in the area of common exploits on holes and flaws left unknowingly on software called “Vulnerability”. This term as it refers- acts on vulnerable software of which one of the intended solution is a “Patch” released by Vendors for correcting any discovered vulnerability. Due to the consistent increase in vulnerability statistics by security organisations, it is assumed that vendors do not release patch on time and if at all, the patch ends up causing more harm than good.

In view of this, Statistical analysis has been carried out on nine different vendors with the most used products, which shows that apart from the fact that vulnerabilities doubles up each year, some vendors have very high vulnerability rate compared to others, because they have larger number of product with more general usage than others, thereby exposing them to more attack. Also, it is discovered that not all vendors have in place a security approach to vulnerability process. However, some vendors with these standards in place uses it to slow down the process of patching due to the long phases involved. Furthermore, despite the number of vulnerability patched, exploit is still on the rise because most patched get faulty, complex or sometimes not even available, thereby exposing the exploitable holes to more attack. As such, this work will give end-users, administrators and organisations some recommendation to safeguard them from immediate exploit, although these will only be temporal precautionary measures. In conclusion, vendors are trying their best, but it does not seem good enough, as some are still more profit motivated than security alertness, neglecting the fact that the world greatest asset lies in their hands.

Erebor G, Papadaki M