UK consumers particularly prone to piss-poor patching

UK consumer patching practices have worsened still further over the last three months, increasing the threat of malware problems, according to a new study by IT security provider Secunia.

Secunia estimates 12.6 per cent of UK users are running unpatched operating systems, up from 9.7 per cent the previous quarter. In addition, one in 10 third-party programs on the average PC are exposed due to failures in installing the latest security updates.

Oracle’s Java JRE 1.7.x/7.x tops the list as the UK’s most exposed third-party software. With a market share of 58 per cent, and 145 reported vulnerabilities, the security company estimates 42 per cent of users have not installed the latest Java updates.

Kasper Lindgaard, Secunia's director of research and security, noted that vulnerable programs "potentially serve as entry points for malware". Cyber criminals frequently use flaws and bugs in software to push malware onto the machines of surfers.

Other programs in the Secunia's top 10 of problematic apps include Adobe Reader, Apple iTunes and Microsoft Internet Explorer. The Danish firm further reports that one in 20 programs on the average UK PC have reached end-of-life, meaning they are no longer supported by the vendor and do not receive security updates.

Secunia's data is derived from scans using Secunia Personal Software Inspector on the Windows PCs of consumers between 1 July and 1 October 2014. ®

Bootnote

Running Java in the browser, in particular, is a recipe for trouble. Few sites actually need Java and security experts have recommended disabling Java plug-ins and browser extensions as a precaution for at least 18 months.