View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
February 3, 2013

PC users using obsolete software despite vulnerabilities: Kaspersky

Adobe Shockwave and Flash, Apple iTunes/QuickTime, and Java have the highest number of vulnerabilities

By CBR Staff Writer

According to a report by Kaspersky Lab, a significant number of PC users are using old – or even obsolete – versions of popular software despite vulnerabilities.

According to the report, over 132 million vulnerabilities have been discovered in various programmes, which accounts an average of 12 vulnerabilities per user among more than 11 million users.

Among the popular software programmes, Adobe Shockwave and Flash, Apple iTunes/QuickTime, and Java have highest number of vulnerabilities.

Despite vulnerabilities, the users of older and particularly dangerous editions of Oracle Java, Adobe Flash Player and Adobe Reader are highly reluctant to upgrade to newer and safer versions, the research revealed.

The security firm found that over 800 different vulnerabilities were discovered during last year of which, 37 were found on at least 10% of computers during one week in 2012.

Out of the 37 vulnerabilities only eight vulnerabilities are found in the widespread exploit packs used by cybercriminals which include five vulnerabilities in Oracle Java, two vulnerabilities in Adobe Flash Player and one vulnerability found in Adobe Reader.

Kaspersky Lab analysts said that the vulnerabilities account for 70% of all detected software flaws.

Content from our partners
Five key challenges facing the fashion industry
<strong>How to get the best of both worlds in the hybrid cloud</strong>
The key to good corporate cybersecurity is defence in depth

Kaspersky Lab vulnerability research expert Vyacheslav Zakorzhevsky said that a fix for a security loophole shortly after discovery is not enough to make users and businesses secure.

"Inefficient update mechanisms have left millions of users of Java, Adobe Flash and Adobe Reader at risk," Zakorzhevsky said.

"This, along with the whole series of critical vulnerabilities found in Java in 2012 and early 2013, highlights the need for the most up-to-date protection methods."

"Companies should take this problem very seriously, as security flaws in popular software have become the principle gateways for a successful targeted attack."

Despite the availability of a new version of Java, only 28.2% of users have upgraded to the safer version while over 70% are using the old programmes leaving their system vulnerable to Java exploits, the research added.

A 2010 version of Adobe Flash Player which is obsolete now is being used on an average of 10.2% computers while a vulnerable Adobe Reader version is still being used by 13.5% of users.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.