FBI flags top 20 security holes in Windows, Unix

The FBI's National Infrastructure Protection Center and the SANS Institute of Bethesda, Md., last week updated their top IT vulnerabilities in Microsoft Windows and Unix systems.

The most common Windows targets are Internet Information Services, Data Access Components, SQL Server, unprotected Windows network sharing, anonymous log-on, weak hashing in LAN Manager authentication, weak passwords, Internet Explorer, remote registry access and Windows Scripting Host.

The top Unix targets are remote procedure calls, Apache Web Server, Secure Shell, Simple Network Management Protocol, File Transfer Protocol, trust relationships in remote services, line printer daemon, sendmail, Berkeley Internet Name Domain/Domain Name Service and weak passwords.

Fixes and defenses for these vulnerabilities appear at www.sans.org/top20.

About the Author

William Jackson is a Maryland-based freelance writer.

