The average PC user in the UK has 72 programmes installed. That wouldn’t be much of a news story were it not for the fact that 6.7 per cent of those programmes have reached end-of-life status and are no longer patched. As you might imagine, such programmes are security nightmares, as any vulnerabilities they might have are probably old and very much known to cyber criminals.
This is according to a new report by Secunia Research at Flexera Software, entitled Country Reports.
“Software Vulnerability Management is an effective strategy for minimising the attack surface by enabling people and organisations to identify known vulnerabilities on their devices, prioritise those risks based on the criticality of the vulnerabilities, and mitigate those risks via automated patch management systems,” said Kasper Lindgaard, Director of Secunia Research at Flexera Software.
“But risk remains if unsupported, end-of-life programmes containing vulnerabilities are running. Private PC users should continually scan their devices and remove end-of-life programmes from their systems. Within a business setting, security teams should collaborate closely with their Software Asset Management teams to discover and inventory their application estate and remove any unsupported, end-of-life programmes.”
The report also says people have become somewhat lazy about updating Windows. In Q4 2016, 7.2 per cent of users had an unpatched Windows OS, up from 6.4 per cent in Q3 and down from 8.0 per cent in Q4 2015.
They’re similarly lazy with non-Microsoft programmes. In Q4, 12.5 per cent of users had unpatched software, down from 12.8 per cent in Q3 and up from 11.4 per cent in Q4 2015.
The most exposed programmes are Apple iTunes 12.x, Oracle Java JRE 1.8.x and VLC Media Player 2.x.