Virtually every Windows PC at risk, says Secunia
Almost all PCs scanned by patch tool have an unpatched app; 46% have 11-plus
Computerworld - More than 98% of Windows computers harbor at least one unpatched application, and nearly half contain 11 or more programs at risk from attack, a Copenhagen-based security company said today.
According to Secunia APS, 98.1% of the PCs on which its Personal Software Inspector (PSI) utility was installed during the past week sport one or more applications that have security updates available for downloading.
PSI scans Windows systems for installed applications, then compares their version numbers to the most up-to-date versions; if they're different, it makes note, then provides a link to the patch update. To gather its numbers, Secunia tracked the results of each user's first PSI scan.
Since Nov. 25, when PSI left beta and entered Version 1.0, more than 120,000 people downloaded the utility, said Thomas Kristensen, Secunia's chief technology officer. The company randomly selected 20,000 of those installations, then tallied the number of unpatched applications PSI found.
"Most people keep Windows up to date because it's so easy to use Windows Update," said Kristensen. "Adobe Reader and Flash and Apple QuickTime are like that, too, as are browsers. But a lot of third-party [browser] plug-ins don't have any [update mechanism] and so people don't keep them updated."
The PSI data showed that while fewer than 1.9% of the users had completely clean PCs, 30.3% of the machines contained between one and five unpatched programs, 25.1% had between six and 10 at-risk applications, and 45.8% of the systems boasted 11 or more insecure programs.
Today's numbers were even more dismal than those Secunia collected last January, when it surveyed a similar number of PCs that had just installed PSI. Then, approximately 4.5% of the machines were free of unpatched programs, more than twice as many as in the newest survey.
Kristensen explained the decline. "We've had a change in the user base and managed to reach a much broader group of users," he said. PSI's early adopters were mostly tech-savvy types, but as word has spread about the utility, "it's reached a completely different group of users, many who never patch their PCs," Kristensen noted.
Since Secunia launched the free utility in mid-2007, about 900,000 users have downloaded the program. "We should clear 1 million around the first of the year," Kristensen said.
Read more about Security in Computerworld's Security Topic Center.
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!