Among the most common missing updates are those for Java, Microsoft technologies, Adobe Flash Player, Firefox and Open Office.
“From the numbers, it appears many people don’t fully understand that keeping software up-to-date is a critical component of computer and business security,” says Esa Tornikoski, Product Manager at F-Secure. “70 to 80 percent of the top ten malware detected by our Labs are exploits targeted against software vulnerabilities.”
According to the data, 49 percent of corporate PCs and laptops are missing one to four critical updates, 25 percent are missing five to nine, and 13 percent are missing ten or more.
The numbers are striking, especially with attacks on corporates and institutions via software vulnerabilities headlining the news in recent months.
The Red October malware, which stole sensitive information from governmental and research organizations as well as companies for five years until it was exposed in January, relied on exploits in Microsoft Word, Excel and Java.
These data breaches, all exploiting software vulnerabilities that have long been patched, could have been avoided simply by keeping software current.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.