eWeek Security Watch
January 9, 2008 10:48 AM

Secunia Patch Data Paints Startling Picture



Here's a frightening statistic taken from Secunia's PSI (Personal Software Inspector), a free patch-management utility you should already be using:

A whopping 95 percent of the last 20,000 newly registered PSI users are running computers that haven't been fully patched/updated.

Secunia, which collects data from computers scanned by the PSI, found that a mere 5 percent have patched all applications and more than 40 percent have 11 or more insecure applications installed.

Over the last seven days, the utility scanned 20,009 machines from new users, matching its security patch database against 1,788,832 applications.

The data underscores why the battle against malware and botnets may already be lost:

The total number of computers/users is 20,009, out of these 95.46% have 1 or more insecure applications installed on their computers - 95 out of a 100 computers that are connected to the Internet have insecure software installed.

Secunia defines an "insecure application" as a software product for which a newer version is available that corrects one or more vulnerabilities.

The company did not provide a breakdown of the unpatched apps that turned up the most. Instead, it simply highlighted the percentage of scanned machines with vulnerable applications installed.

Number of insecure applications per computer/user:

  • 0 Insecure Applications: 4.54% of computers
  • 0-5 Insecure Applications: 27.83% of computers
  • 6-10 Insecure Applications: 25.69% of computers
  • 11+ Insecure Applications: 41.94% of computers

  • Also see Andrew Garcia's take on the Secunia statistics.


    Comments (1)

    EJ :

    This should be no surprise since botnets seem to have no problem getting recruits. What should be surprising, or maybe encouraging, or discouraging - who knows - is that someone who is expressing an interest in patching their PC would have so many patches missing.

    On the "no surprise" side, many times when I've used Secunia's PSI, it has uncovered not the obvious Windows patches that everyone should be applying, but uncovers the more obscure applications that have no automated way of being notified of available updates.

    At that point, it shouldn't be the users who are indicted, but the application vendors themselves that don't put "phone home" options in their applications to pick up updates as they become available.
