As already discussed in other threads, this kind of counting is utter nonsense. First of all, it doesn't take into account how many of those vulnerabilities were really exploited, how much at risk the users were from those vulnerabilities and how fast they were fixed. Moreover, the counting is completely inconsistent: The bugs for Windows 7, 8, 8.1 and 10 are separately listed while the bugs for the various Mac OS X versions are condensed in one entry. And what about Internet Explorer? No distinction between the various versions and no pointer that IE is tightly integrated in Windows by default. So the IE bugs should perhaps rather be counted as Windows bugs? These examples show again how worthless this kind of bug counting really is.
Okay, but in the case of Flash, does exploit count matter? It was the most exploited software this past year. It seems to be the most perpetually bug-filled software on the planet; they fix 30 exploitable bugs and immediately another 30 or so are discovered. Some exaggeration here, probably, but I think not too far from fact.
Yes correct. And "Code Execution" bugs are the most serious ones, the statistics prove that Flash is ridiculously insecure. Chrome did only slightly better compared to Firefox, but the Chrome bugs were probably harder to exploit and were perhaps also fixed faster. And a lot of bugs in Win 8.1 are perhaps also not that easy to exploit, so all of this should be taken into consideration. http://www.cvedetails.com/product/3264/Mozilla-Firefox.html?vendor_id=452 http://www.cvedetails.com/product/15031/Google-Chrome.html?vendor_id=1224 http://www.cvedetails.com/product/6761/Adobe-Flash-Player.html?vendor_id=53 http://www.cvedetails.com/product/26434/Microsoft-Windows-8.1.html?vendor_id=26
I need to correct myself, I didn't read it correctly. Chrome was a lot safer than Firefox, it had only 8 code execution bugs in 2015, compared to 83 bugs in FF.
Flash Accounted for All Top 10 Vulnerabilities Used by Exploit Kits in 2015 http://news.softpedia.com/news/flas...ies-used-by-exploit-kits-in-2015-503387.shtml
This source shows Adobe Flash had the most vulnerabilities of all applications during 2015. It also shows the number of vulnerabilities reported for the most popular web browsers. http://www.gfi.com/blog/2015s-mvps-the-most-vulnerable-players/
So these guys still believe the security of an OS is completely determined by how many vulnerabilities they have? They don't even consider how bad the vulns are or if the reports even account for something that affects every user. What a joke.
