Bit9 unveiled its annual ranking of popular consumer applications with known security vulnerabilities. Often running outside of the IT department's knowledge or control, these applications can be difficult to detect; they create data leakage risk in endpoints that are otherwise secure; and cause compliance breaches that can result in costly fines. The list, published in a research brief entitled "2008's Popular Applications with Critical Vulnerabilities," is designed to highlight the need for greater visibility and control over organizations' endpoints, including laptops, PCs, servers and Point-of-Sale systems.
The list this year expanded to include 12 applications, up from 10 last year, due to the increase in vulnerabilities and the popularity of applications such as Skype and Yahoo! Assistant that are often used by employees within an enterprise.
Five of the top 12 applications with known vulnerabilities include:
Each application on the list has the following characteristics:
"Year after year, we see a growing number of applications within the enterprise creating security vulnerabilities that are easily prevented through better visibility across endpoints, and a more centralized patch-management process," said Harry Sverdlove, CTO, Bit9. "2008 has been no exception. This year, along with the widely reported huge increase in malware, the number of well-known applications causing security problems for companies has also increased. Our annual ranking now covers 12 applications, up from 10 last year.