[This was originally published on the OSVDB blog.]
http://www.betanews.com/article/600_Security_Vulnerabilities_in_Q1_2005/1115067858
600 Security Vulnerabilities in Q1 2005
By Nate Mook, BetaNews
May 2, 2005, 5:04 PMAccording to a study published Monday by the SANS Institute, more than 600 new security vulnerabilities cropped up in the first three months of 2005. Although Microsoft leads the top 20 most critical security issues, hackers are turning their attention to third party software such as media players and databases.
SANS says the new list represents only security vulnerabilities found or patched in Q1 2005. Although SANS usually issues a yearly Top20 list, the group has moved to quarterly updates to aid organizations in recognizing potential security issues that could affect them.
Vulnerabilities found or patched? This is an odd way to track vulnerabilities in a given time frame. Aside from that, 600 in Q1 expands to roughly 2400 in 2005, significantly less than previous years. The real question.. where did SANS get their statistics from?