A new report using data from the National Institute of Standards and Technology’s National Vulnerability Database has looked at the top tech products of the last 20 years and discovered which had the most vulnerabilities that left them susceptible to attacks from hackers and nation-states.
The data was crunched by TheBestVPN, which found that of all technology products in recent years, the one with the most vulnerabilities on a consistent basis year after year was Google’s Android operating system. According to the report, Android had the most vulnerabilities of any operating system in 2019, 2017, and 2016. The only recent years Android got a reprieve from the top spot was in 2018, when Debian GNU/Linux had more vulnerabilities.
But going back the full 20 years, the data tells a more complete story. When looking at a company’s products as a whole, the report’s authors found that Microsoft’s products had more vulnerabilities than any other company. Since 1999, Microsoft products have had a total of 6,814 vulnerabilities all told. Here are the top 5:
- Microsoft—6,814 vulnerabilities
- Oracle—6,115 vulnerabilities
- IBM—4,679 vulnerabilities
- Google—4,572 vulnerabilities
- Apple—4,512 vulnerabilities
But perhaps the most worrying trend of all is that vulnerabilities have only increased in the last 20 years as operating systems and other software products become more complicated. In 1999 there were only 894 technical vulnerabilities reported. That number has increased more than 14 times to 12,174 technical vulnerabilities reported in 2019.
Reached for comment, an Android spokesperson sent the following statement:
“We’re committed to transparency and release public security bulletins monthly on issues that have been fixed in Android to harden the security of the ecosystem. We disagree with the notion that measuring the number of security issues fixed in an OS is any indication of the security of the platform. This is actually a result of the openness of the Android ecosystem working as intended.”