SANS Top-20 Internet Security Attack Targets (2006 Annual Update)

Operating Systems

W1. Internet Explorer

W2. Windows Libraries

W3. Microsoft Office

W4. Windows Services

W5. Windows Configuration Weaknesses

M1. Mac OS X

U1. UNIX Configuration Weaknesses

Cross-Platform Applications

C1 Web Applications

C2. Database Software

C3. P2P File Sharing Applications

C4 Instant Messaging

C5. Media Players

C6. DNS Servers

C7. Backup Software

C8. Security, Enterprise, and Directory Management Servers

Network Devices

N1. VoIP Servers and Phones

N2. Network and Other Devices Common Configuration Weaknesses

Security Policy and Personnel

H1. Excessive User Rights and Unauthorized Devices

H2. Users (Phishing/Spear Phishing)

Special Section

Z1. Zero Day Attacks and Prevention Strategies

Source: http://www.sans.org/top20/?portal=332da72c1873a532d07027eabe2db5cc

Cheers,
pavs