Security Market Segment LS
Wednesday, 28 October 2015 13:37

Unpatched PCs attract hackers in their droves - with Apple in front Featured

Unpatched PCs attract hackers in their droves - with Apple in front Image courtesy of Stuart Miles,

Private PCs are rife with unpatched vulnerable applications from vendors like Apple, Adobe and Oracle, according to a new research report which reveals the state of security for PC users in a total of 14 countries, including the US.

According to the report from software vulnerability intelligence provider, Secunia Research – now part of Flexera Software -  one in 20 applications on private US PCs are end-of-life, 12% of Windows operating systems are unpatched, and for the first time in four consecutive quarters, Oracle Java isn’t topping the list of most exposed programs, with Apple now taking the lead.

Secunia says the number of end-of-Life applications on private US PCs has been between 5% and 6% since Q3 2014, compared to 2013 when the number was between 3% and 4%.

According to Secunia, the problem with end-of-life applications from a security perspective is that the vendors of those applications no longer publish security updates to patch vulnerabilities as they are discovered in the product and, consequently, any vulnerability in an end-of-life application is an open door into any PC on which the application is installed.

“Hackers benefit from users’ failure to uninstall end-of-life applications, as the exploits they wrote for the old versions continue to work and continue to have value on the black market,” said Kasper Lindgaard, Director of Secunia Research at Flexera Software.

“Too many users install and forget. Maintenance of software is not high on the radar of the average computer users, who tend to install whatever application they need to support whatever they need to do.  They then tend to leave it sitting in their system, forgetting to uninstall or update it.”

As Secunia report, from Q3 2014 to Q2 2015, Oracle Java topped the list of most exposed applications in the US country reports.

The most exposed applications are ranked by Secunia based on how widespread they are (market share) multiplied by how many of their users have neglected to patch them (Unpatched) even though a patch was available.

Secunia reports that Oracle Java drops down to number four as a result of two factors:

•    Oracle 7 went end-of-life in April 2015, and therefore got parked on the end-of-life list, which doesn’t factor in patch status because all end-of-life applications are de facto insecure

•    Users are currently migrating to Oracle Java 8, but the 40 percent market share does not bring Oracle Java 8 to the top of the list.

Here’s the key findings in the US Country Report from Secunia:

•    5.5% of applications on the average US PC have reached end-of-life, meaning they are no longer supported by the vendor and do not receive security updates
end-of-lifer Adobe Flash Player 18, which was end-of-life as of September 22, 2015, is found on 80% of the PCs.

•    Apple QuickTime 7.x and Apple iTunes 12.x tops the list as the US’ most exposed applications:
QuickTime has a market share of 55% and 18 reported vulnerabilities, 61% of users have not installed the latest updates
iTunes has a market share of 40% and 106 reported vulnerabilities, and 47% of users have not installed the latest updates.

•    Other applications in the top 10 include Adobe Reader, Oracle Java 8 and Mozilla Firefox.

Read 3517 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Peter Dinham

Peter Dinham - retired in 2020. He is a veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News