Story image

Yes, Australians do patch Windows - but not their software, report finds

11 Aug 16

Flexera Software has found good news and bad news for both Australian Windows users and cybersecurity. New research from Secunia Research shows that the percentage of unpatched Windows operating systems dropped in the second quarter of 2016, but the percentage of unpatched non-Microsoft software is on the rise.

Secunia's research, titled Australia Country Reports, shows that 4.4% of Australian users were running unpatched Windows operating systems, down from 5.1% in Q1 2016 and 12.4% in Q2 2015, suggesting that users are realising the importance of protecting their PCs from hackers.

“The decline in unpatched Windows operating systems is remarkable and encouraging. It will be interesting to see if this trend continues over the long run, especially as Windows 10 and its automated updates become more widely deployed, says Kasper Lindgaard, director of Secunia Research at Flexera Software.

In sharp contrast, 12.9% of users were running unpatched non-Microsoft programs, up from 12.4% in Q1 2016 and 11.6% in Q2 2015, suggesting that users are ignoring security patch warnings, particularly as users must manually approve and launch the automated process.

The most common unpatched programs include

  • VLC Media Player 2.x (56 percent unpatched, 45 percent market share, 8 vulnerabilities)
  • Oracle Java JRE 1.8.x/8x (46 percent unpatched, 45 percent market share, 67 vulnerabilities
  • Apple iTunes 12.x (30 percent unpatched, 48 percent market share, 130 vulnerabilities).

“If users install software but then ignore alerts and fail to initiate the patch process when a vulnerability is found, they will remain exposed to that vulnerability. That is very unfortunate and has the potential to result in a bad outcome," Lindgaard explains.

These top three most exposed programs represent 205 vulnerabilities, 23 were fixed using 'extremely critical' patches and 180 fixed using 'highly critical' patches. These critical patches protect systems from compromise. Unpatched systems can potentially be accessed and exploited by hackers.

Flexera Software says that exploitation attacks can come from anywhere, including FTP, HTTP, SMTP, email applications and browsers.

“The number of vulnerabilities just in the top three products underscores the vastness of the opportunity for hackers to gain entry into exposed systems, and the reason Software Vulnerability Management is so essential. The easiest, fastest and least costly way for companies and individual users to minimise risk is to patch known vulnerabilities before they become a problem," Lindgaard concludes.

The report was based on data from Flexera's Personal Software Inspector between April 1, 2016 and June 30, 2016.

Dimension Data nabs three Cisco partner awards
Cisco announced the awards, including APJ Partner of the Year, at a global awards reception during its annual partner conference.
WatchGuard’s eight (terrifying) 2019 security predictions
The next evolution of ransomware, escalating nation-state attacks, biometric hacking, Wi-Fi protocol security, and Die Hard fiction becomes reality.
Why the adoption of SAP is growing among SMEs
Small and medium scale enterprises are emerging as lucrative end users for SAP.
Exclusive: How the separation of Amazon and AWS could affect the cloud market
"Amazon Web Services is one of the rare companies that can be a market leader but remain ruthlessly innovative and agile."
HPE extends cloud-based AI tool InfoSight to servers
HPE asserts it is a big deal as the system can drive down operating costs, plug disruptive performance gaps, and free up time to allow IT staff to innovate.
Digital Realty opens new AU data centre – and announces another one
On the day that Digital Realty cut the ribbon for its new Sydney data centre, it revealed that it will soon begin developing another one.
A roadmap to AI project success
Five keys preparation tasks, and eight implementation elements to keep in mind when developing and implementing an AI service.
The future of privacy: What comes after VPNs?
"75% of VPN users said they are seeking a better solution for cloud networks."