Outdated OSes, Unpatched Browsers Expose Companies to Risk

Users around the world continue to run older operating systems and unpatched software applications. That was one of the findings of Duo Security’s 2017 Trusted Access Report, released on June 5. The report, which provides insight into the security status of 4.6 million devices that Duo Security helps to manage, found that although Windows 7 has already been superseded by Windows 10, it remains the most widely deployed version of Microsoft’s operating system. On the mobile side, the majority of Android users are not running devices with the latest patches. Adobe’s Flash is also a problem, with 53 percent of endpoints analyzed by Duo Security running out-of-date and vulnerable versions. In this slide show, eWEEK looks at some of the highlights of the 2017 Trusted Access Report.

Looking at the distribution of endpoint analyzed by Duo Security, Microsoft Windows is the most widely deployed operating system at 61 percent, down from 63 percent in the company’s 2016 study.

Although Windows 10 was released 2015, it is not yet the most widely deployed Windows OS. Duo Security found that Windows 7 still is the most widely deployed version of Microsoft’s desktop operating system.

On the desktop, Duo Security found that Apple’s Safari web browser is the most out-of-date on user endpoints. On mobile endpoints, Firefox mobile was found to be out-of-date on 94 percent of devices.

Adobe’s Flash plug-in is among the most often attacked pieces of software, even with Adobe updating the software regularly. Unfortunately, the majority (53 percent) of users in 2017 are not running up-to-date versions of Flash.

The majority of mobile endpoints analyzed by Duo Security are not running with full disk encryption. On a positive note, however, 91 percent are using a passcode in combination with their device’s lock screen.

Only 27 percent of Android devices analyzed by Duo Security are running the latest Android 7 operating system. Looking at security patches, only 18 percent of devices analyzed in February 2017 had been patched with the updates that Google made available in January 2017.

Overall, only 5 percent of the devices analyzed by Duo Security were jailbroken or rooted. Of the jailbroken or rooted devices, the vast majority of them (96 percent) were Android.