Out-of-date, vulnerable browsers put users at risk
Many users are waiting a month or more to apply important security updates that can protect them from exploits and malware.
PC World - Is your browser up to date? According to the results of a new survey from security software vendor Kaspersky, nearly a quarter of the browsers currently in use are out of date. Surfing the Web with a vulnerable browser is a recipe for disaster.
The Web browser has evolved to become the primary software used on many PCs. People access their email, surf websites, create documents and spreadsheets, access cloud-based file storage and sharing sites, and share with others on social networking sites -- all through the browser. Attackers no this as well, which is why it is exceptionally risky to use a browser with known vulnerabilities.
Kaspersky gathered anonymous data through its cloud-based Kaspersky Security Network. Kaspersky researchers analyzed the browser usage data from millions of customers around the world, and uncovered some concerning trends.
- 23% of browsers are not current: 14.5% are still using the previous version, while 8.5% are using even older, obsolete versions.
- When a new version of a browser is released, it can take nearly 10 days for it to surpass the previous version in usage, and an average of about a month for a majority of users to upgrade.
The major browsers all have automatic update mechanisms in place. The easiest way to make sure your browser is current is to enable the automatic updates and let them do what they're meant to do -- keep your browser up to date without requiring you to manage the process yourself.
There are some valid reasons for holding off on upgrading to a new browser version. Some users might feel like new versions just add arbitrary features -- bells and whistles -- they simply don't care about, so they choose to stick with the browser they're already comfortable with. Some users have been burned in the past by updating to a new version and finding out the hard way that some sites or plug-ins no longer work as expected -- if at all.
Justifications aside, it's important to apply browser updates as quickly as possible. Why? Because attackers can craft new exploits and malware to attack vulnerabilities in a matter of hours. Users can't afford to shop online, check bank account balances, or access other sensitive data using a browser with known vulnerabilities.
As Kaspersky points out, the data also reinforces the need for users to have effective, up to date security software in place. Andrey Efremov, Director of Whitelisting and Cloud Infrastructure Research at Kaspersky Lab, said, "That means millions of potentially vulnerable machines, constantly attacked using new and well-known web-born threats. This is strong evidence of the urgent need for proper security software which is able to react to new threats in a matter of minutes, not days or even weeks."
With the holiday shopping season getting ready to kick off, millions of users will be researching gift ideas, and making holiday gift purchases online. Attackers have marked their calendars as well, and there will almost certainly be a spike in Web-based attacks. It's even more important during the holiday season to make sure you keep your browser, and your security software up to date.
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!