Considering that Sophos finds a newly infected website every 4.5 seconds , or that AVG reports the registration of something over 250,000 websites per day for nefarious purposes (most of which are dropped within a couple of days), it isn't an easy task keeping up with the wide range of sources of web threats.

The Sophos Endpoint Assessment Test  is free and includes automatic updates for a 30-day period.

Results from an undisclosed number of corporate responses to the Sophos test between April 2008 and April 2009 showed that 85% of PCs had some form of current malware protection.  Unfortunately, of the remainder only 5% have nothing at all.  The other 10% are even worse – out-of-date software.

Just 37% of those surveyed were fully up-to-date with all patches and less that 50% had a current operating firewall.

Overall just 10% of the PCs passed all three tests.

I have to admit, these numbers are really no surprise - particularly the out-of-date malware protection.  Some years ago, I ran a home PC support business and was constantly astonished to see 3-year-old (or more) trial packs of anti-virus software that had never been updated; although the PC owners would always assure me they were fully protected.

Graham Cluley, Sophos' Senior Technology Consultant notes in his blog that in addition to the previous figures, nearly 60% of PCs were missing OS patches, grading down to a mere 7.1% missing flash player updates.

You won't be surprised that Sophos (and AVG) have a solution.