PC users could be harbouring an average of 12 software vulnerabilities on their systems, according to a new report from Kaspersky Lab.
After analysing more than 11 million users, antivirus experts at Kaspersky revealed that over 132 million vulnerabilities were discovered across a myriad of programs, which accounted to an average of 12 weak points per user.
Despite finding over 800 varieties of these vulnerabilities in total, Kaspersky reported that 70 per cent of all detected software weak points were made up of just 37 of the identified vulnerabilities. These software weaknesses were found in several highly popular software bundles such as Adobe Shockwave, Apple iTunes, Apple QuickTime, Adobe Flash Player, Apple QuickTime and Java.
Software vulnerabilities are the key tool used by cybercriminals to steal private data, conduct covert espionage on high-profile business or even sabotage business systems or government agencies with great success. Users can minimise the presence of vulnerabilities on their systems by installing reliable security software and keeping up to date with software updates released by companies that aim to combat new and updated weaknesses found in their programs.
After Java was found to contain critical vulnerabilities in 2012, only 28.2 per cent of users updated to the latest, safest version of the software, leaving over 70 per cent of users with Java software still susceptible.
“What this research reveals is that releasing a fix for a security loophole shortly after discovery is not enough to make users and businesses secure. Inefficient update mechanisms have left millions of users of Java, Adobe Flash and Adobe Reader at risk,” said Vyacheslav Zakorzhevsky, Vulnerability Research Expert for Kaspersky Lab. “This, along with the whole series of critical vulnerabilities found in Java in 2012 and early 2013, highlights the need for the most up-to-date protection methods.”
Zakorzhevsky added: “Companies should take this problem very seriously, as security flaws in popular software have become the principle gateways for a successful targeted attack.”
Do you regularly complete Java and other software updates? Has your PC ever been attacked? Drop us a line on our Facebook and Twitter pages or use the comments section below.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.