SANS revises Top 20 security vulns list

SANS revises Top 20 security vulns list
John Leyden, The Register 2005-05-03

Bugs in anti-virus scanners and various media players joined flaws in Microsoft and Oracle software products in a list of the 20 most serious vulnerabilities discovered the first quarter of 2005.

The list - compiled by the SANS Institute in co-operation with security vendors such as TippingPoint and Qualys - highlights the 20 most critical vulnerabilities among 600 new Internet security bugs discovered in Q1 2005. Vulnerabilities that are easy to exploit and where a large number of unpatched systems existed were highlighted in the report. "Individuals and organisations that do not correct these problems face a heightened threat that remote, unauthorized hackers will take control of their computers and use them for identity theft, for industrial espionage, or for distributing spam or pornography," the SANS Institute warns.

Various flaws in Internet Explorer and Microsoft Windows subsystems (such as a recent Server Message Block bug) make the top 20 list. These are joined by DNS caching flaws affecting a number of products from Symantec and Microsoft, media player bugs (RealPlayer, iTunes, WinAmp and Windows Media Players) and anti-virus product glitches (buffer overflow bugs in apps from Symantec, F-Secure, Trend Micro and McAfee). Vulnerabilities to Oracle database and application software products fixed with a January patch release also make the SANS Top 20 list.

The flaws are all well-documented. The idea of the Top 20 is to draw people's attention towards particularly serious problems that might have been overlooked. The SANS Institute has moved from an annual to quarterly update of the list starting with its Q1 2005 report. The change reflects the faster evolution of Internet threats, it said. ®