Security firm Bit9 has released a list of popular applications with known vulnerabilities. IM applications figured prominently.
According to its announcement, Bit9 built its list based on the following criteria:
- is well-known in the consumer space and frequently downloaded by individuals;
- is not classified as malicious software by enterprise IT organizations;
- contains at least one critical vulnerability registered in the U.S. National Institute of Standards and Technology's (NIST) official vulnerability database;
- has a severity rating between 7.0 and 10.0 (high) on the CVSS scale;
- relies on the end user, rather than a central administrator, to manually patch or upgrade the software to eliminate the vulnerability, if such a patch exists.
"These popular software applications are frequently downloaded to corporate desktops and can present serious risks for enterprise computing environments," said Dr. Todd Brennan, co-founder and CTO at Bit9.
IM apps listed in the report included AOL Instant Messenger, Microsoft's Windows/MSN Messenger and Yahoo's Instant Messenger, which ranked eighth, ninth and tenth on the list respectively. The ICQ chat client ranked 15th.
Bit9's entire list is available as a PDF at the company's site.
Source: http://www.instantmessagingplanet.com/security/article.php/3615206