A quarter of all Windows devices are running outdated and unsupported versions of Internet Explorer (IE), according to Duo Security research; and half of all Windows XP devices are running either IE 8 or 7. Chrome users on the other hand are the most up-to-date.
This state of affairs may expose unpatched Windows users to more than 700 known vulnerabilities, (including those that affect IE 11 and Edge), all of which can expose a company’s apps and data to malware, credential theft and potential data breaches.
Further, a full 60% of Flash users and 72% of Java users are running an outdated version.
“Flash and Java are notorious targets, used by attackers in exploit kits to gain access to their machines,” the report noted. “While critical Flash and Java vulnerabilities often prompt emergency vendor patches, users still run outdated software on the devices used to log into their company applications that can put entire organizations at risk.”
In contrast, Google’s Chrome browser takes the prize as the most up-to-date browser. A full 82% of Chrome users are up-to-date, compared to 58% of Edge and IE 11 users, and 66% of Firefox users. Chrome users also bypass Firefox (66%) and Safari (49%).
Chrome users are likely more up to date than other browsers because Google rolls out updates and new versions automatically to Chrome, without required approval from the user. Chrome also blocks Flash advertisements by default, which can reduce the risk of malware infection.
Then there are operating systems to consider. The study also found that Mac users are more up to date than Windows users when it comes to OS. Apple users may be more likely to update their OS because these updates have been known to be more stable than Windows updates; new OS X versions are also free and heavily promoted. In contrast, historically, major Windows updates have a reputation for causing major problems—sometimes even the blue screen of death.
The research uncovered that nearly 40% of Windows XP devices are running IE 8, and another 10% is running IE 7. This is compared to 68% of overall Windows devices that are running the latest version of IE 11 or Edge 12/13. Another 25% of all Windows devices are running an outdated version of IE 10 or prior.
There’s a clear end-of-life issue here: Windows XP is no longer supported by Microsoft, meaning the OS no longer receives security updates. And early this year, Microsoft announced the end of life support for versions IE 10 and prior. That means these browsers aren’t protected against new vulnerabilities and exploits, which could put companies at risk if these browsers are used to access work applications.
Meanwhile, 53% of Mac OS users are running either the fully patched, latest version of OS X, or the previous version, compared to 35% of Windows users on Windows 10 and 8.1.
However, 8% of Apple users are running unsupported versions of OS X that cannot receive security updates—10.8 and earlier. That’s compared to 2% of Windows users running unsupported OS versions, including Windows 8 and XP.
“The changing security landscape and rapid adoption of cloud apps necessitates an increased emphasis on security hygiene basics,” Duo Security said in the report. “With any device accessing data from any location, establishing and maintaining the health of these devices is critical, in addition to strongly attesting that the user is who they say they are.”
Photo © Radu Bercan/Shutterstock.com