In addition to exploitable flaws in the various Windows operating systems, which leave those systems open to hackers, the SANS report lists weaknesses in numerous third-party programs, including Apple’s iTunes and backup software from Symantec/Veritas.
The report listed 422 new vulnerabilities, up 11 percent from the first quarter of 2005.
Browser vulnerabilities, once limited to Microsoft’s Internet Explorer and Netscape’s Navigator, are increasingly turning up in Opera and Mozilla’s Firefox.
All in all, the report states that security risks aren’t just for Windows anymore.
"We are seeing a trend to exploit not only the Windows, but other vendor programs that are installed on [a] potentially large number of systems," 3Com research manager Rohit Dhamankar said.
Founded in 1989, the SANS Institute provides security training and certification, as well as a security service called the Internet Storm Center. A partner firm, Qualys, has released a free network scanning device that helps companies eliminate the top 20 SANS bugs.