Nearly all PCs are insecure, more than 98% of Windows machines having at least one unpatched application, says security company Secunia. Or, as the company’s blog emphatically states, “1.91% of all PCs are fully patched!” Almost half (45.76) of computers had eleven or more insecure programs running on their system. “By "insecure program" it is understood, that there is a newer version of the program available from the vendor that corrects one or more vulnerabilities, but the user have [sic] yet to install the secure version,” says Secunia’s blog.
Despite the press Windows gets whenever security updates are needed, unpatched software as security risk is something we rarely read about. Keeping programs up-to-date is as important for security as running a firewall and anti-virus, the company says.
“A vulnerability in a program can be exploited by hackers to anything from compromising a PC, to automatically install trojans/viruses, to sniff out private information (passwords, credit cards information, etc.),” Secunia says, adding that anti-virus software programs will not fix these problems, and that it might be months between the time malware is pushed through software and the time it can be found.
Secunia used data from over 20,000 computers using their software to test for insecure programs. Secunia’s software scans for software security vulnerabilities and helps users patch insecure programs, so the company believes that the number of computers running insecure programs is even higher then their results suggest, as those running their software would be more security conscious.