Vulnerabilities on the client and applications sides present the greatest opportunities for attack, SANS Institute says. Attacks are becoming more sophisticated, but vulnerabilities on client side have exploded over the last year, report says. The number three vulnerabilities on this year’s list is “critical vulnerabilities in software on personal computers inside and outside enterprises (client-side vulnerabilities) allowing these systems to be turned into zombies and recruited into botnets. Mobile phones are the number two new threats for SANS’ 2008 list.”]
Source: https://www.darkreading.com/analytics/client-application-flaws-top-sans-vulnerability-list