Chrome, Firefox and Safari among the apps with the most vulnerabilities: reports increased 26% in 2022, according to analysis

Reports of vulnerabilities increased by 26% in 2022, compared to 2021, which means a historical peak, according to an ESET analysis. between five Applications Four web browsers appear with the most reported breaches: Chrome, Firefox, Safari and Internet Explorer. Likewise, those of remote code execution were the most reported last year.

“This information gives us value for understand our level of exposure to computer threats, both at the user and company leveland have a better overview of how malicious actors operate”, comments Mario Micucci, computer security researcher at ESET Latin America.

LOOK: The Last of Us: cybercriminals steal user bank details posing as TLOU Part II for PC

In 2022, a historical peak was reached with 25,226 vulnerabilities reported in different products and manufacturers. This figure represents a 26.5% growth in the number of reported vulnerabilities compared to 2021 and equals some 70 vulnerabilities per daya situation that shows that if the daily average is maintained and an increase in detections can be provided for 2023 compared to 2022.

Of the reported vulnerabilities, only 3.4% are of a critical nature. This represents a drop from 2021 where the percentage of reported critical vulnerabilities was 5.81%. Therefore, although more vulnerabilities were discovered in 2022 than in other years, their severity was lower.

LOOK: Meta sues a company for collecting information from more than 600,000 Facebook accounts using fake profiles

Applications with the highest number of reported vulnerabilities in 2022

Several web browsers appear within the top 10 applications with the most reported bugs. The first on the list is actually the Google Chrome browser, which is used by millions of users.. The second place is occupied by the Firefox browser, which is also widely used. In third place is the Mysql database manager, which is also widely used both in technology infrastructures and by end users.

“If we think in terms of revenue, For cyber attackers, the most used applications will always be the most likely to be exploited, since generally malicious actors seek to reach as many people/victims as possible.. In 2022 alone, Google released several Chrome updates in which it repaired nine zero-day vulnerabilities that affected the browser and the company itself claimed to be aware of reports indicating that they were being exploited by malicious actors at the time of their discovery.adds Micucci.

LOOK: WhatsApp: how do I know if another person has logged in with my account on another device?

Operating Systems with the highest number of vulnerabilities

Although Debian Linux is presented as the operating system with the highest number of reported security flaws in history until 2022, it is important to clarify that We are not necessarily talking about critical vulnerabilities.

Having this clear, in the case of Debian Linux, the history of reported vulnerabilities from 1999 to 2022 is 7,489. In 2022, 720 vulnerabilities were reported, with 2018 being the year in which the highest number was registered with 1,407. Regarding severity, of the 720 bugs reported in 2022, only 14 were critical and 109 allowed code execution.

for the system Android, a historical record was reached in 2022 with 899 reported vulnerabilities, surpassing 2020, which until now was the year in which the most vulnerabilities had been reported with 859. Of the vulnerabilities reported in 2022, 43 of them were considered highly critical and 102 allowed code to be executed. In the accumulated from 2009 to 2022, a total of 4,902 vulnerabilities were reported in Android.

In the case of Fedora, it is the third operating system with the most reported vulnerabilities from 2007 to 2022 with a total of 4,108. In 2022, a total of 906 vulnerabilities were reported, of which 84 are code execution.

LOOK: This is the reason why you should not charge your cell phone in public places

Manufacturers with the most reported vulnerabilities in their products

Regarding technology companies that develop software and applications aimed at users and companies, in first place is Microsoft as the manufacturer that accumulates the highest number of reported vulnerabilities since its inception. But, it is clarified that to draw better conclusions it is important to consider other variables, such as the historical evolution, the number of products in which failures have been reported and their criticality. Only in this way is it possible to have a more complete picture of the risks to which people and organizations are exposed according to the products they use. Microsoft, for example, records the highest number of vulnerabilities, but on a 719-product basis, while Fedora, for example, is on a 22-product basis, giving an average of 190 vulnerabilities per product..

LOOK: The three trends in cybersecurity (and cyberattacks) that are coming in 2023

Most reported types of vulnerabilities in 2022

With respect to the type of threats detected, it is indicated that the scenario is varied, but it stands out bugs that allow code execution, with 22% of reported vulnerabilities. It is important to mention that this type of vulnerability is highly critical and risky.

Vulnerabilities most used by cybercriminals during 2022 in the region

Among the five vulnerabilities most used by cybercriminals during 2022 in Latin America, there are two that were discovered 10 years ago and affect massively used services. One of them is the CVE-2012-0143, whose associated exploit takes advantage of a vulnerability in Microsoft Windows that allows remote execution of arbitrary code; and the second is the CVE-2012-0159, whose exploit exploits a flaw in the operating system itself and which also allows remote access to a vulnerable system without the need for authentication. “The validity of these vulnerabilities undoubtedly speaks of the fact that there is still a lack of awareness on the part of users and it should raise alarm bells so that they advocate implementing good security practices that include the installation of updates and security patches in order to avoid possible incidents”warns Micucci.

Source: Elcomercio

Callum

I have worked in the news industry for over 10 years. I have a vast amount of experience in writing and reporting. I have also worked as an author for a number of years, writing about technology and other topics.

I am a highly skilled and experienced journalist, with a keen eye for detail. I am also an excellent communicator, with superb writing skills. I am passionate about technology and its impact on our world. I am also very interested in current affairs and the latest news stories.

I am a hardworking and dedicated professional, who always strives to produce the best possible work. I am also a team player, who is always willing to help out others.