Antivirus Protection & Internet Security Software
01 Feb 2013Virus News
Using data from the cloud-based Kaspersky Security Network, Kaspersky Lab examined the threat posed by software vulnerabilities. The research revealed that users of older and particularly dangerous editions of Oracle Java, Adobe Flash Player and Adobe Reader are highly reluctant to switch to newer and safer versions.
Kaspersky Lab has released the report ‘Evaluating the threat level of software vulnerabilities’, following careful analysis of the prevalence of security flaws found in various programs throughout 2012. As well as highlighting the most dangerous vulnerabilities, the research also assesses how enthusiastically users upgrade to newer versions of software once that update has been made available. This particular analysis revealed the disturbing fact that some old - or even obsolete - versions of popular programs remain on a significant number of PCs for months and even years.
Software vulnerabilities present a clear and obvious threat to both consumers and businesses. They are used as a key “burglary tool” to steal private data from users, conduct cyber-espionage on businesses and sabotage crucial industrial systems or government agencies. There are different ways to mitigate such risks: from software developers’ efforts to release updates on time and enhance the overall security of their products, to the most advanced protection technologies, such as Kaspersky Lab’s Automatic Exploit Prevention. The goal of the latest Kaspersky Lab research was to understand the actual threat posed by software vulnerabilities and evaluate user reaction to the release of a new version of a program which fixes dangerous security flaws. While the analysis focused mainly on the most dangerous software flaws, those known to be actively exploited by cybercriminals, the total number of vulnerabilities discovered in 2012 was an alarming 800+. Some of them, even though rarely found on users’ PCs, can be used as a gateway for a targeted attack.
Vyacheslav Zakorzhevsky, Vulnerability Research Expert
“What this research reveals is that releasing a fix for a security loophole shortly after discovery is not enough to make users and businesses secure. Inefficient update mechanisms have left millions of users of Java, Adobe Flash and Adobe Reader at risk. This, along with the whole series of critical vulnerabilities found in Java in 2012 and early 2013, highlights the need for the most up-to-date protection methods. Companies should take this problem very seriously, as security flaws in popular software have become the principle gateways for a successful targeted attack.”
The full report ‘Evaluating the threat level of software vulnerabilities’ is available at Securelist.com. You can also download the PDF version here.
© 1997 – 2016 Kaspersky Lab
All Rights Reserved. Industry-leading Antivirus Software