Because of how the platform is designed, whenever we hear about malware or security threats in the mobile world, it tends to be pointed at Android, despite there being little evidence of anyone being at real risk outside of users in Russia or China who use a third-party app store. Now, a new report is claiming that the majority of app vulnerabilities exist in iOS apps, and they tend to be more severe as well.
The traditional thinking has been that because Apple locks down what apps are able to do on the platform and has a more strict app review process (not to mention a relative lack of malware), that the platform is safer overall, but mobile application security vendors Checkmarx and AppSec Labs say that isn't necessarily true. Their report claims that 40 percent of vulnerabilities in iOS apps were critical or high severity, compared to 36 percent of the Android vulnerabilities.
The report didn't give exact figures but said the average mobile app had nine vulnerabilities, and iOS apps had more than Android apps.
Leaking personal information was the most common vulnerability, at 27 percent of all flaws found. ID authentication and authorization problems were next with 23 percent. Plenty of other vulnerabilities were found, including cryptography weaknesses, disclosure of technical information such as application logs, and more.