Microsoft has more critical vulnerabilities in its products than any other IT security vendor. Adobe and Oracle products come in second and third place, respectively, according to Skybox Security's vulnerability database.
Although Oracle's products contained more overall vulnerabilities, Microsoft's were deemed more critical. More than half of the company's 414 vulnerabilities were critical. The Microsoft Security Response Center defines a critical vulnerability as one that allows code execution without user interaction.
The lab's findings weren't particularly surprising, considering the vendors' market shares. Microsoft, for instance, is the largest company and its products are the most widely used.
Skybox analyzed more than 20 sources of data to determine the number of vulnerabilities that occurred in 2013. The lab found that about 700 critical vulnerabilities occurred in 2013, and more than 500 of them were from four vendors.