Yet, the latest vulnerability patching statistics from Secunia's PSI (Personal Software Inspector) is a major eye-opener for everyone tracking the security of the Windows ecosystem. According to data culled from 20,000 users of the free software inspector, about 98% of all installed/detected applications are vulnerable to a known security flaw.
These stats confirm a scary reality and, when you compare them with information released by Secunia last May (when the unpatched count stood at 28%), you get a real sense of just how easy it is for malware writers to hit wide open targets.
The total number of PCs/users included in these numbers are 20,000, out of these 98.09% have 1 or more insecure programs installed on their PC, hence: 98 out of 100 PCs that are connected to the Internet have insecure programs installed!
Secunia defines an "insecure program" as a piece of software for which there is a newer version of the program available from the vendor that corrects one or more vulnerabilities, but the user have yet to install the secure version.
From Secunia's blog:
- No insecure programs: 1.91% of Windows machines
- 1-5 insecure programs: 30.27% of PCs
- 6-10 insecure programs: 25.07% of PCs
- 11+ insecure programs: 45.76% of PCs
The company did not identify the applications on the list of "insecure programs" but it's a safe bet it involves the most widely deployed software programs like Adobe Acrobat/Reader, Adobe Flash, RealNetworks' RealPlayer, WinZip, QuickTime and Web browsers.
* Image source: Maggiejumps' Flickr photostream (Creative Commons 2.0)