In-Depth

Survey: Windows XP Top Security Concern

Symantec survey focused on IT professionals’ views on vulnerability research and challenges they expect in the next year.

• By Jason Turcotte
• 08/15/2006

Even when all along the enterprise not a hacker is stirring—not even the click of a mouse—IT managers cannot help but fret over application security. According to a recent survey, when those managers think of vulnerabilities, it’s visions of Windows XP that dance in their heads.

A Symantec survey revealed that 67 percent of IT managers are most concerned with Microsoft Windows XP platform vulnerabilities. Results show that security researchers are placing their priority on Windows Vista and Windows XP. Symantec reports 55 percent of independent security researchers say they want to review Vista and 47 percent say the same about XP.

Symantec conducted the anonymous survey at the Black Hat security conference. Administered by Applied Research-West, the questionnaire focused on IT professionals’ views on vulnerability research and challenges they predict for the next year. According to Connect Public Relations’ Mike Bradshaw, the initial data reflects results from 400 Black Hat participants.

Respondents indicated four major areas of concern. Business systems (databases, back-up systems, and management software) topped the list, closely followed by infrastructure networking technology (routers), client software (Microsoft Office applications, media players, etc.), and operating systems (services or libraries). Messaging-scripting technologies (PHP, instant messaging and filesharing) rounded out the list.

Other key findings include:

• Web services (33 percent) were said to be the hottest upcoming issue within Web app security, closely followed by mobile technologies (32 percent) and VoIP (28 percent)



• Nearly half (46 percent) of researchers say they plan to review operating systems (services and/or libraries) next year



• Job function (57 percent) and curiosity (44 percent) were cited as the most frequent reasons for researching applications, while 15 percent admitted either personal profit or fame motivated their research



• Only 12 percent of IT managers say they are concerned with Mac OS vulnerabilities

The Symantec survey was conducted on August 2, 2006 with 85 percent of its participants based in North America. Of those surveyed, 26 percent were IT managers; 22 percent, independent researchers; 17 percent, researchers employed by vendors; 13 percent, executives; and 22 percent, other.