Apple's operating system is considered to be the most secure operating system whether it's Mac OS X for desktop computers or iOS for iPhones. But believe it or not, they are the most vulnerable operating system of year 2014.



MOST VULNERABLE OPERATING SYSTEM

Windows, which is often referred to as the most vulnerable operating system in the world and also an easy pie for hackers, is not even listed on the top three vulnerable OS. According to an analysis by the network and security solutions provider GFI, the top three most vulnerable operating system are:

Apple's Mac OS X

Apple iOS

Linux kernel

GFI analysis is based on the data from the US National Vulnerability Database (NVD), which shows that in 2014, the top three most vulnerable operating systems took owner by the following number of vulnerabilities reported in their software:

Mac OS X - Total 147 vulnerabilities were reported, 64 of which were rated as high-severity

- Total 147 vulnerabilities were reported, 64 of which were rated as high-severity Apple's iOS - Total 127 vulnerabilities were reported, 32 of which were rated as highly-severity

- Total 127 vulnerabilities were reported, 32 of which were rated as highly-severity Linux Kernel - Total 119 vulnerabilities were reported, 24 of which were rated as high-severity.



MAJOR VULNERABILITIES REPORTED IN 2014

The major vulnerabilities that took over the Internet in 2014 were as follows: The major vulnerabilities that took over the Internet in 2014 were as follows:

HEARTBLEED - A critical security vulnerability detected in OpenSSL left large number of cryptographic keys and private data from the most important sites and services on the Internet open to hackers. It was considered to be one of the biggest Internet threat in the history.

- A critical security vulnerability detected in left large number of cryptographic keys and private data from the most important sites and services on the Internet open to hackers. It was considered to be one of the biggest Internet threat in the history. SHELLSHOCK - A critical remotely exploitable vulnerability discovered in the widely used Linux and Unix command-line shell, known as Bash, aka the GNU Bourne Again Shell, left countless websites, servers, PCs, OS X Macs, various home routers, and many more open to the cyber criminals.

Windows 7, 8 and 8.1 Operating Systems were the least vulnerable OS, as they fall into the bottom half of the list and rank at 5th, 7th and 8th, with 36 vulnerabilities reported in all of them.

"2014 was a tough year for Linux users from a security point of view, coupled with the fact that some of the most important security issues of the year were reported for applications that usually run on Linux systems," explained GFI Software manager Cristian Florian. Surprisingly, Microsoft'sandOperating Systems were the least vulnerable OS, as they fall into the bottom half of the list and rank at 5th, 7th and 8th, with 36 vulnerabilities reported in all of them.Windows Server 2008 was the fourth most vulnerable OS in 2014 with 38 vulnerabilities, but it isn't a version aimed at consumers.



MOST VULNERABLE APPLICATION

However, when it comes to applications, Microsoft proved to be on the contrary, as its Internet Explorer browser lead the list with 242 total vulnerabilities, with 220 of them being rated as critical.





Obviously, this could embarrass Microsoft, as Internet Explorer has nearly twice as many security flaws than the second most vulnerable application, which was Google Chrome.





Google Chrome browser had 124 vulnerabilities reported in 2014. On the other hand, Adobe Flash Player improved last year with only 76 vulnerabilities reported.

Overall, a total of 7,038 new security vulnerabilities were added to the National Vulnerability Database (NVD) last year, which indicates that an average of 19 new security vulnerabilities were reported every day.



Out of those, 80% were reported in third-party applications, 13% in operating systems, and 4% in hardware devices.





For those who aren't aware, NVD is the US government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP).