The Internet is a terrifying cess-pit of malicious worms, viruses and vulnerabilities waiting to be exploited, but according to Symantec there is one tiny piece of good news - the number of reported vulnerabilities is actually levelling off.
The news can be gleaned deep in the pages of the company's latest Internet Security Threat Report, which covers the Internet as it was in the six months between last July and December.
During 2003 as a whole, the number of new vulnerabilities discovered rose to 2,636, a mere two percent increase on 2002. This looks good compared the 81 percent rise between 2001 and 2002.
However, security companies aren't famous for spreading joy when it comes to security and sure enough the company balances this by reporting an increase in the number of vulnerabilities deemed "easy to exploit" from 60 to 70 percent.
Even worse, the report further notes that the time between a threat being announced, or noticed, and an exploit appearing continues to shrink. The authors conclude that this raises "zero day" blended threats - whereby a vulnerability is targeted before it has been announced or a patch made available - from likely to "imminent".
According to the authors, there are still unreported vulnerabilities in software and the risk that one of these will be used to launch an attack is now severe. Depending on which systems were attacked, such an event could cause major problems for companies and home users alike, with patches to fix the problem probably taking days to arrive.
"If you go back 2 years, it was several months," commented Symantec's director of security services Richard Archdeacon on the time it took for exploits to be used in attacks. "It is now down to a matter of weeks." His recommendation was that companies must stop thinking of anti-virus on its own as a defence against such threats. Layered security, including network monitoring was now a must.
Another trend mentioned is the increasing number of vulnerabilities found in Microsoft's Internet Explorer, which reached 34 in the six months covered -significantly up on the preceding half year.
Contrary to the popular wisdom that attacks come from Eastern Europe or obscure islands in the middle of nowhere, in absolute terms almost 60 percent of attacks still originate (or appear to originate), in the US, with Canada, China, Japan and Australia a long way behind.
The report is due to be posted this week on Symantec's website.