98 percent of PCs vulnerable, says Secunia

Stephen Withers
Thursday, 04 December 2008 09:43

Your IT - Home IT

However, many IT operations seem to favour stable system images, and therefore won't deploy patches without extensive testing. Some experts think this is wise, others believe the risk of attack is too high for it to be a viable strategy.

On balance, we'll go with Balle's interpretation.

But what's the breakdown of the 98.09 percent of computers that aren't fully patched?

30.27 percent had between one and five insecure programs, 25.07 percent had six to ten, and 45.76 percent had eleven or more.

Yes, almost half of the PCs running PSI had more than ten unpatched programs!

On reflection, that's perhaps not as surprising as it seems. A careful user may have a handful of unpatched items at any time, despite most of the software being up to date. Even where applications automatically check for updates, there may be a delay before they are patched. If a program isn't running, then any vulnerabilities remain theoretical.

But careless users probably don't apply patches that aren't automatically presented to them, whether that's through Windows Update or other vendors' auto-update services.

So the idea of nearly half of all Windows PCs having more than 10 vulnerable programs doesn't seem so outlandish after all.

If you want to try PSI, you'll find it here.