March 25, ZDNet – (International) Study: More than 50% of Global 500 use vulnerable open source components. According to a joint research report issued March 25 by Sonatype and Aspect Security, more than 50 percent of the world’s largest corporations have open source applications with security vulnerabilities. That is because more than 80 percent of software applications built in-house by enterprise developers incorporate open source components and frameworks that may be vulnerable. The report — based on a survey of 2,550 developers, architects and analysts — maintains that the widely held view that open source software is consistently high quality “overlooks ecosystem flaws,” chiefly the lack of a notification system alerting developers about vulnerabilities and new versions with fixes.
Ali Loney, on March 25, 2012