The SANS Institute also said Wednesday that Microsoft Office and Windows Libraries and Services are some of the most vulnerable applications available on computers today.
But Microsoft was not alone in the annual list, released Wednesday. Apple Computer's Mac OS X was also cataloged, along with "configuration weaknesses" in Unix.
The 2006 list is of the Top 20 Attack Targets, whereas previously it was named the Top 20 Internet Security Vulnerabilities. Written by members of the SANS Institute and security experts from the technology industry and government bodies, it indicates which network features could leave a company vulnerable to attack.
Rohit Dhamankar, the chief scientist at TippingPoint and a SANS member, explained some current security threat trends.
"We've seen a lot of zero-day vulnerabilities this year. The next big thing is the number of attacks on Web applications. There's also continued growth in 'spear-phishing' attacks from Asia and Eastern Europe." In spear-phishing, the attacker creates an e-mail that appears to be a corporate internal message and sends it to a specific group of people in that company, who may be lulled into opening its malicious payload.
SANS also named Web applications, peer-to-peer (P2P) file-sharing software, media players, VoIP (voice over Internet Protocol) phones and people themselves as some of the easiest targets for hackers.
Dan Ilett of Silicon.com reported from London.
