Hasso Plattner Institute: Number of Serious Software Vulnerabilities has Increased in 2015

Dec 28, 2015, 01:00 ET from Hasso Plattner Institute (HPI)

POTSDAM, Germany, December 28, 2015 /PRNewswire/ --

In 2015 fewer software security vulnerabilities were reported worldwide than in the previous year. But at the same time the number of published vulnerabilities with a high level of severity has increased. According to an analysis performed by the German Hasso Plattner Institute (HPI), in the last twelve months alone at least 5,350 reports of software vulnerabilities have been registered or updated. In 2014 there were about 7,200 such vulnerabilities reported. The computer scientists' overview shows that in comparison to the previous year there were more vulnerabilities with a high level of seriousness (i.e., about 2,000 in comparison to almost 1,800). There were markedly fewer indications of so-called vulnerabilities of a medium degree of severity, with about 2,800 registered in 2015. In 2014 around 4,800 were registered. There was little change in the amount of information on software vulnerabilities with minor impact.

At the same time, the HPI database for IT attack analysis (https://hpi-vdb.de) registered approximately 7,000 new software products and 400 new manufacturers in the course of 2015. More than 73,100 pieces of information on vulnerabilities are stored, which report on nearly 180,000 affected software programs from at least 15,500 manufacturers.

"Computer users need to remain vigilant in regard to the security situation surrounding software," said HPI director Prof. Christoph Meinel. Every possibility should be used to update operating systems, Internet browsers, and other software applications in order to eliminate vulnerabilities, the Potsdam computer scientist said.

In the HPI database, the essential information published in the Internet on software vulnerabilities is integrated. The classification of vulnerabilities by criticality is based on the free, open, and heavily used industry standard CVSS (Common Vulnerability Scoring System).

Press contact: presse@hpi.de. Press spokesperson: Hans-Joachim Allgaier, Tel. +49-331-5509-119

SOURCE Hasso Plattner Institute (HPI)