80 Vulnerabilities Found in iOS in 2015, 10 in Android

Status
Not open for further replies.
S

sinu

Thread author
During this year's Black Hat USA 2015 conference in Las Vegas, Secunia, a leading provider of IT security solutions, has released a report detailing security vulnerability trends for the first seven months of 2015.
Until July 31, Secunia researchers discovered a total of 9,225 vulnerabilities, which is down from the 9,560 similar threats discovered in the same period in 2014.

Worrisome is that more threats labeled as "extremely critical" and "highly critical" are being discovered, in a rise from 0.3% to 0.5%, and 11.1% to 12.7% respectively.

As for zero-day exploits, Secunia is reporting 15 so far, putting 2015 on pace for breaking the 25 total zero-days discovered in 2014.
The waves of OpenSSL vulnerabilities

While 2014 was considered the year of Heartbleed, Secunia has observed that OpenSSL vulnerabilities came in five big waves during the past two years.

While Heartbleed was the mother of all OpenSSL bugs, wave #2 came in at a close second with 800 products detected as vulnerable.

In 2015 things seem to have calmed down a bit, the last vulnerability wave, #5, being spotted in only around 100 products.
More vulnerabilities were found in iOS devices, compared to Android

On the mobile market, the Secunia team is reporting a total number of 80 vulnerabilities discovered in iOS, while only 10 were found in Android devices.

"The fact that fewer vulnerabilities are discovered in Android should under no circumstances be misinterpreted to imply that Android OS is more secure than iOS," said Kasper Lindgaard, Director of Research and Security at Secunia.

He explains this trend by the fact that Apple is in full control over its operating system and devices' hardware makeup, allowing it to discover and patch security problems much faster than Google. The latter works with multiple companies at the same time, which are not always doing their due diligence regarding user security.

This last trend will fortunately change from now on, today Samsung and Google announcing in separate cases that they plan to take the security patching into their own hands.
 

Razor555

Level 5
Verified
Sep 15, 2014
246
Just goes to show that iOS sucks and its supposedly closed source code.
Most of these vulnerabilities, I believe that its created intentionally by crapple itself.
 

Vasudev

Level 33
Verified
Nov 8, 2014
2,224
How people can hack into a closed source OS like iOS bypassing all security checks without raising alarms to Apple. As Razor555 said, some exploits are created by Apple first hand to gain more control over what and how Apple products are used.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Just goes to show that iOS sucks and its supposedly closed source code.
Most of these vulnerabilities, I believe that its created intentionally by crapple itself.
You may dislike Apple, but at least the patches are delivered. Google can provide for Nexus devices, but all other hardware devices have to wait on the manufacturer.
"The fact that fewer vulnerabilities are discovered in Android should under no circumstances be misinterpreted to imply that Android OS is more secure than iOS," said Kasper Lindgaard, Director of Research and Security at Secunia.
 

jogs

Level 22
Verified
Top Poster
Well-known
Nov 19, 2012
1,112
Till the time there will be an OS, there will be vulnerability.
 

Razor555

Level 5
Verified
Sep 15, 2014
246
You may dislike Apple, but at least the patches are delivered. Google can provide for Nexus devices, but all other hardware devices have to wait on the manufacturer.

Open source OS vs Closed source OS, and the open source OS does better than a supposedly HUGE company like Apple in security?
That should raise a red flag immediately about Apple's real intentions...

Edit: Android has been consistently much more secure than Apple's iOS. Apple has been much more prone to vulnerabilities for quite a few years already.
 
Last edited:
  • Like
Reactions: Oxygen
M

MalwareT

Thread author
This is why i love Windows Phone. Can't wait for Windows 10 Mobile.
 
  • Like
Reactions: Vasudev
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top