Number of 2020 vulnerability disclosures set to overtake 2019

No Comments
security flaw

Despite a sharp decrease of 19.2 percent observed earlier in the year, vulnerability disclosures in 2020 are expected to exceed 2019's level according to Risk Based Security.

The company's VulnDB team aggregated 23,269 vulnerabilities disclosed during 2020. Despite the initial disruption from COVID-19, the trend of total number of vulnerabilities suggests that business operations and routines have normalized as the gap has closed to 0.98 percent.

"2020 could be titled 'The Great Catch-up'. We saw an incredible drop of 19.2 percent in Q1, but with each subsequent quarter that massive gap steadily closed," says Brian Martin, vice president of vulnerability intelligence at Risk Based Security. "The question now is how COVID-19 will impact the 2021 vulnerability landscape. Have we fully shaken off the disruption from the pandemic, or will we still see some lingering side-effects?"

During the pandemic there were three Vulnerability Fujiwhara events -- the term adopted for the collision of patch releases from Oracle, Microsoft, and other major vendors on the same day. These result in challenging workloads for vulnerability management teams, and make timely patching and remediation a difficult task for many organizations.

To make matters more difficult the Common Vulnerabilities and Exposures (CVE) list continues to fall behind in its coverage. "In 2020, CVE failed to report 29 percent of known disclosed vulnerabilities and organizations looking for those details can find those missing vulnerabilities in VulnDB," says Martin. "Our VulnDB team hit a major milestone of 80,000 aggregated vulnerabilities without a CVE ID. Now that it appears operations have mostly normalized, those who are wary or are struggling with current workloads may want to consider strengthening their vulnerability management programs with proper vulnerability intelligence."

You can get the full 2020 Year End Vulnerability QuickView Report from the Risk Based Security site.

Photo Credit: Den Rise/Shutterstock

No Comments

Comments are closed.

Got News? Contact Us

Recent Headlines

Meta introduces Horizon OS

Open-source audio editor Audacity 3.5 available for Windows, Linux, and Mac

Stop sideloading headaches on Apple devices: Why EU admins need MDMs now more than ever

Email still the most popular phishing technique even on mobile

Proton Mail launches Dark Web Monitoring to alert users to leaks

Cloud security and speed -- how fast do your processes need to be? [Q&A]

Updated, lightweight Microsoft Store offers faster downloads and multi-app parallel installations

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

62 Comments

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

20 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

17 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

16 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

16 Comments

Microsoft releases preview version of Office 2024 for Windows and macOS -- download it now!

12 Comments

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE

10 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.