Security Watch

Keeping Track of patches and hacks in the IT security world.

Secunia Patch Data Paints Startling Picture


Here's a frightening statistic taken from Secunia's PSI (Personal Software Inspector), a free patch-management utility you should already be using:

A whopping 95 percent of the last 20,000 newly registered PSI users are running computers that haven't been fully patched/updated.

Secunia, which collects data from computers scanned by the PSI, found that a mere 5 percent have patched all applications and more than 40 percent have 11 or more insecure applications installed.

Over the last seven days, the utility scanned 20,009 machines from new users, matching its security patch database against 1,788,832 applications.

The data underscores why the the battle against malware and botnets may already be lost:

"The total number of computers/users is 20,009, out of these 95.46% have 1 or more insecure applications installed on their computers - 95 out of a 100 computers that are connected to the Internet have insecure software installed."

Secunia explains "insecure application" as a software product for which a newer version is available to correct one or more vulnerable.

The company did not provide a breakdown of the unpatched apps that turned up the most. Instead, it simply highlighted the percentage of scanned machines with vulnerable applications installed.

"Number of insecure applications per computer/user:0 Insecure Applications: 4.54% of computers0-5 Insecure Applications: 27.83% of computers6-10 Insecure Applications: 25.69% of computers11+ Insecure Applications: 41.94% of computers"

Also see Andrew Garcia's take on the Secunia statistics.