Hackers' paradise: Outdated Internet Explorer, Flash installs in enterprises
Two in five Flash users DO update. Surprised?
A quarter of all Windows devices are running outdated and unsupported versions of Internet Explorer, exposing users to more than 700 known vulnerabilities in process.
A study by mobile two-factor authentication firm Duo Security released today further reports that three in five (60 per cent) Flash users are running an out-of-date version, while 72 per cent have an outdated version of Java – exposing them to hundreds of vulnerabilities.
The stats are based on an analysis of a dataset of more than 2 million devices used by Duo Security’s customers (ranging from small startups to Fortune 500 enterprises) around the world. This issue of poorly patched Windows boxes is important because it leaves workers exposed to drive-by download attacks, a favourite hacker tactic readily put together using tools such as the Angler Exploit Kit and others. These attacks are routinely used to sling all sorts of nasties, including ransomware.
Mac users are more up to date than Windows users when it comes to operating systems. Google’s Chrome browser is the most up-to-date browser in Duo’s sample.
Last month Duo released an industry-specific breakdown of the same study that found that the healthcare industry is a long way behind the financial sector in basic security practices. ®