Unpatched end-of-life programs with vulnerabilities are attack vectors hackers can exploit
Itasca, IL - Feb 22, 2017 - The average private user in the United States has 75 programs installed on their PC, and 7.4 percent of them are End-of-Life programs that are no longer patched by the vendor. End-of-life programs containing unpatched software vulnerabilities are popular attack vectors for hackers to exploit because they are so widespread on devices today.
These conclusions can be drawn from just-released Country Reports covering Q4 2016 for 12 countries, published by Secunia Research at Flexera Software, the leading provider of Software Vulnerability Management Solutions. The reports provide status on vulnerable software products on private PCs in 12 countries, listing the vulnerable applications and ranking them by the extent to which they expose those PCs to hackers.
“Software Vulnerability Management is an effective strategy for minimizing the attack surface by enabling people and organizations to identify known vulnerabilities on their devices, prioritize those risks based on the criticality of the vulnerabilities, and mitigate those risks via automated patch management systems,” said Kasper Lindgaard, Director of Secunia Research at Flexera Software. “But risk remains if unsupported, end-of-life programs containing vulnerabilities are running. Private PC users should continually scan their devices and remove end-of-life programs from their systems. Within a business setting, security teams should collaborate closely with their Software Asset Management teams to discover and inventory their application estate and remove any unsupported, end-of life programs.”
Other Key Findings in the Country Report Include:
- 7.5 percent of users had unpatched Windows operating systems in Q4 of 2016, up from 6.1 percent in Q3 of 2016 and down from 9.9 percent in Q4, 2015.
- 14.0 percent of users had unpatched non-Microsoft programs in Q4, 2016, up from 13.8 percent in Q3 of 2016 and 12.2 percent in Q4 of 2015.
- The top three most exposed programs for Q4 were Apple iTunes 12.x. (55 percent unpatched, 43 percent market share, 29 vulnerabilities), Oracle Java JRE 1.8.x / 8.x (50 percent unpatched, 47 percent market share, 39 vulnerabilities), and VLC Media Player 2.x (44 percent unpatched, 28 percent market share, 5 vulnerabilities).
The 12 Country Reports are based on data from scans by Personal Software Inspector between October 1, 2016 and December 31, 2016.
- # # # -
Download the Q4 2016 Country Reports
Learn more about:
Flexera is reimagining the way software is bought, sold, managed and secured. We view the software industry as a supply chain, and make the business of buying and selling software and technology asset data more profitable, secure, and effective. Our Monetization and Security solutions help software sellers transform their business models, grow recurring revenues and minimize open source risk. Our Vulnerability and Software Asset Management (SAM) solutions strip waste and unpredictability out of procuring software, helping companies buy only the software and cloud services they need, manage what they have, and reduce compliance and security risk. Powering these solutions and the entire software supply chain, Flexera has built the world’s largest and most comprehensive repository of market intelligence on technology assets. In business for 30+ years, our 1200+ employees are passionate about helping our 80,000+ customers generate millions in ROI every year. Visit us at www.flexera.com.
For more information, contact:
*All third-party trademarks are the property of their respective owners.