As he sees it, malicious hackers can break into corporate and government networks using a single software vulnerability, while the good guys must painstakingly check and patch every one of thousands of potentially hackable holes in their systems.
Adriel Desautels, the chief executive of cybersecurity firm Snosoft, buys and sells software-vulnerability data in a growing gray market and says the demand for critical Apple bugs has steadily increased.
When NSS tested alternative versions of the exploit that targeted the same vulnerability in software, Symantec only spotted 53%, less than more than half of the other products tested.
FORBES: Study Shows Programs Designed To Catch Hackers' Exploits Miss Nearly Half
In multiple cases the company has sat on information about a vulnerability in the software for months, allowing attackers to take advantage of the bug to compromise users via invisible browser-based attacks.
FORBES: Facebook Hacked Via Java Vulnerability, Claims No User Data Compromised
The Flashback malware targeted a vulnerability in the Java software that is used in Windows machines, Apple computers and many others.
"This is a very thoughtful strategy by Google: Let's build ourselves into the value chain at a spot of vulnerability, which is the software layer, " says Virgin Mobile USA co-founder, Amol Sarva.
Oracle, the makers of the Java software, have yet to respond to the vulnerability, and as yet there is no patch.
FORBES: Java Flaw Puts Millions Of Windows And Mac Users At Risk
Microsoft made such a call earlier this year, after researchers at Core Security informed the company that they had found a vulnerability in the Microsoft Virtual PC software.
In the summer of 2005, Charlie Miller was working in his living room when he discovered a hackable vulnerability in a common species of server software.
Oracle says the vulnerability applies to the latest version of the software, Java 7.
After months of inaction and even a warning from the Department of Homeland Security, Oracle has finally released a fix for yet another security vulnerability in its ubiquitous and notoriously buggy Java software.
FORBES: Forget Oracle's Latest Java Patch. Just Kill The Program In Your Browser For Good
The inconspicuous lock hacking device is an adaption of one demonstrated at the Black Hat security conference in July by Cody Brocious, a hacker and software developer for Mozilla, who discovered and exploited a vulnerability in Onity locks, a cheap and popular hotel room lock that the company says are used on at least four million hotel rooms worldwide.
FORBES: Hackers Crack Hotel Room Locks With A Tool Disguised As A Dry Erase Marker
So far others haven't been able to obtain the necessary keys to decrypt high definition content, and now Cyberlink, makers of the PowerDVD software many assumed was exploited for the attack, is denying vulnerability.
In the Microsoft incident, the software giant lashed out against the Google researcher who disclosed a vulnerability in a version of the Windows operating system last week, four days after he alerted the company.
However, Douglas Wylie, Business Development Manager for Networks and Security at Rockwell Automation said in-house research found the vulnerability to be more pervasive within the Rockwell family of software.
In our ongoing investigation into this recent claim, we have concluded that while this HTC software itself does no harm to customers' data, there is a vulnerability that could potentially be exploited by a malicious third-party application.
ENGADGET: HTC confirms security hole, says patch is incoming Mobile
应用推荐