According to the findings by the Atlas VPN team, Apple product’s vulnerabilities surged by 467% in the second half of 2021. What’s more, Google and Microsoft products accumulated the most vulnerabilities in the second half of 2021.
Keep in mind that Atlas VPN is a premium VPN service. With that in mind, here are the details in the report:
° Google accumulated 511 vulnerabilities in the second half of 2021. Google products such as the Android operating system and Chrome browser are used by billions of people worldwide. Cybercriminals exploit vulnerabilities in such products so that more users would be affected.
° Microsoft products were second in terms of vulnerabilities with 428. Most of the vulnerabilities are found in Windows OS versions, Office tools, and the Microsoft Edge browser.
° Apple software vulnerabilities surged by 467% in the second half 2021 to 380 exploits. Cybercriminals find the most exploits on Safari browser and operating systems on various Apple products. Due to all Apple software being interchangeable and connected, one found vulnerability can usually affect all devices.
° Oracle products accumulated 258 vulnerabilities in the second half of 2021. At the same time, the Chinese telecommunications equipment company Huawei gathered 201 vulnerabilities, almost an 814% increase compared to H1.
Vulnerability levels
The folks at Atlas VPN say National Vulnerability Database (NVD) evaluated 1,079 vulnerabilities with a risk level of 10 in the second half of 2021. NVD issued risk level 9 to 1,173 vulnerabilities. Risk level 8 vulnerabilities were the most common, with 2,582 recorded flaws. Following up, NVD evaluated 693 vulnerabilities at risk level 7.
An exploit, CVE-2021-30858, rated 8.8, targets iPhones and iPads with the 14.8 iOS version and Macs with macOS Big Sur 11.6. The vulnerability allows the threat actor to execute an arbitrary code, enabling the installation of malware or other actions on a vulnerable Apple device, according to Atlas VPN.
The report adds that the most harmful vulnerability from 2021 was CVE-2021-44228, better known as the Apache Log4j vulnerability.
To read the full report, go here.
Article provided with permission from AppleWorld.Today