Significant Rise in Reported Vulnerabilities Within Microsoft Programmes
Copenhagen, Denmark - Jan 20, 2015 - Secunia, the leading provider of IT security solutions for vulnerability management, has published its latest quarterly report documenting the state of security among private PC users in the UK throughout 2014. In a year which saw a considerablerise in reported vulnerabilities, the results show many users’ PCs are inadequately patched and therefore easily compromised.
The proportion of reported vulnerabilities originating from Microsoft programs has increased substantially on private PCs, to 47% in the last 12 months, up from 26% the previous year. However, Microsoft’s software does not appear in the list of the top five most exposed programmes.
Kasper Lindgaard, Director of Research and Security at Secunia explains why the large number of reported and patched Microsoft vulnerabilities could have positive implications for browser security:
“From May 2014 onwards we saw a big increase in the numbers of reported and patched vulnerabilities in Internet Explorer, which is the primary factor behind the overall rise. This could be because Microsoft is becoming more focused on browser security, it could be a result of the “Internet Explorer 11 Preview Bug Bounty, or it could just be that (both sides of) the industry have directed their focus that way in 2014.”
Other key findings in the report include:
- The average UK PC user has 74 programs installed from 26 different vendors. Users must therefore master 26 different update mechanisms to ensure all available security patches are applied
- The most exposed programs over the past 12 months include:
- Oracle Java with 145 vulnerabilities and 42% of installed programs unpatched
- Apple Quicktime 7 with 11 vulnerabilities and 32% of installed programs unpatched
- VLC Media Player 2 with 2 vulnerabilities and 40% of installed programs unpatched
- Almost 6% of programs on the average UK user’s PC have reached end-of-life, meaning they do not received security updates from the vendor
To help users stay secure Secunia offers its Secunia PSI 3.0, a free computer security scanner which identifies software applications that are insecure and in need of security updates. It has been downloaded by over 7 million PC users globally to detect vulnerable and out-dated programs and plug-ins.
Secunia’s country reports are based on data from scans by the Secunia Personal Software Inspector between 1 January and 31 December 2014. The data reflects the state of security of Secunia PCI users who it is safe to assume are more secure than other PC users.
Follow Flexera Software…
About Flexera Software
Flexera Software helps application producers and enterprises increase application usage and security, enhancing the value they derive from their software. Our software licensing, compliance, cybersecurity and installation solutions are essential to ensure continuous licensing compliance, optimized software investments, and to future-proof businesses against the risks and costs of constantly changing technology. A marketplace leader for more than 25 years, 80,000+ customers turn to Flexera Software as a trusted and neutral source of knowledge and expertise, and for the automation and intelligence designed into our products. For more information, please go to: www.flexerasoftware.com
For more information, contact:
*All third-party trademarks are the property of their respective owners.