Open Menu
If You Only Install One Security Update this Month, Make Sure it’s Adobe Flash®!
| | More MCAD News

A zero-day vulnerability discovered in Adobe Flash Player / AIR 20 could possibly be used to exploit end of life version 19 – found on 78 percent of all private US PCs.

Maidenhead, U.K. & Copenhagen, Denmark - January 19, 2016 – Secunia Research at Flexera Software, a leading provider of software vulnerability intelligence, has published country reports covering Q4 2015 for 14 countries. The reports provide a status on vulnerable software products on private PCs in those countries, listing the vulnerable applications and ranking them by the extent to which they expose those PCs to hackers.

Key findings in the UK  Country Report include:

  • 78  percent of UK users had Adobe Flash Player 19 installed. This version is end-of-life and therefore no longer receives security updates from Adobe. Vulnerabilities in newer versions are used to exploit older versions. It is therefore important to remember to remove end-of-life products from your PC.
  • 11.4  percent of the non-Microsoft programmes on private UK  PCs were unpatched in Q4. Only 4.1  percent of Microsoft® programmes were unpatched. UK users have 74 applications installed on average, from 26 different vendors. 31 of the 74 applications – nearly 42 percent - are Microsoft applications.
  • 8.0  percent of UK  private users had not patched the Windows® operating system on their PC (covered by the report are Windows Vista, Windows 7, Windows 8, Windows 10).

The zero-day vulnerability in Adobe Flash disclosed on December 28, 2015, was rated “Extremely Critical” by Secunia Research, because it can be triggered from remote and can execute arbitrary code. The vulnerability can possibly be used to exploit older versions of Adobe Flash Player /AIR, too, including end-of-life version 19, which is found on 78 percent of all private UK PCs, per the UK Country Report document.

“The vulnerability discovered in Adobe Flash Player/ AIR 20 in December makes it even more important than usual to keep Adobe Flash Player up to date and get rid of end-of-life versions,” said Kasper Lindgaard, Director of Secunia Research at Flexera Software. “Adobe Flash is the most popular application within exploit kits, because it is so widely used and can therefore be used to leverage access to different platforms and both private and corporate users. While security-aware organisations know not to allow Adobe Flash Player anywhere near their business critical systems, private PC users tend not to be quite so mindful.”

Non-Microsoft programmes are poorly patched on private PCs

On the average private UK PC, 74 applications are installed from a total of 26 different vendors. One vendor, Microsoft, is on average the producer of 31 of those applications. With automated updates and a well-established security patch process, Microsoft makes it easy for private users to stay patched: All that is required on a private PC is to keep the auto-update feature in the Microsoft Update center switched on – which is the default setting.  This user-friendly approach to security is one explanation for why only 4.1 percent of Microsoft applications on private PCs are unpatched.  

The patch status of the remaining 43 non-Microsoft applications is a different story, though. Nearly three times as many – 11.4 percent - of these applications are unpatched.  This difference is mainly due to the fact that 25 different vendors are behind those 43 applications, and each of those vendors has its own update mechanism. Essentially, this means that users have to familiarise themselves with 25 different update mechanisms and install the updates every time they become available. 

To help users stay secure Flexera Software offers the Personal Software Inspector (formerly Secunia PSI 3.0), a free computer security scanner which identifies software applications that are insecure and in need of security updates. It has been downloaded by over 8 million PC users globally to detect vulnerable and outdated programs and plug-ins.

The 14 Country Reports are based on data from scans by the Personal Software Inspector between January 1, 2015 and December 31, 2015.



Read the complete story ...
Related News
PrecisionPath Consortium for Large-Scale Manufacturing Sets Second Working Meeting for February
OPEN MIND and 5th Axis, Inc: Competitive Advantage with hyperMILL for 5th Axis Inc
Missler Software opens its subsidiary in Turkey
Ambienta buys Mikrotron
"STEMming The Tide Of Illiteracy And Innumeracy" by Jeff Rowe
Global Spending of IoT Cloud Platform for Industrial and Manufacturing to Reach $358 Billion by 2019
More News 
Featured Video







Submit | More Videos 
Sponsored Videos
Submit | More Videos 
Editorial
Editorial Archives 
Latest Blog Posts
Sanjay GangalMCADCafe Guest Blog
by Sanjay Gangal
Unleashing New Horizons: Gemini Era Ushers in Revolutionary AI Developments at Google I/O
Sanjay GangalShape Your World
by Sanjay Gangal
InnovMetric’s Strategic Evolution: Harnessing 3D Metrology for Enterprise Efficiency
More MCAD Blogs 
Jobs
Mechanical Engineer for PTEC Solutions at Fremont, California
Submit Resume | Post Jobs | More Jobs 
Upcoming Events
RAPID + TCT 2024 at Anaheim Convention Center Anaheim CA - Jun 25 - 27, 2024
IMTS 2024 – The International Manufacturing Technology Show at McCormick Place 2301 S Lake Shore Dr Chicago IL - Sep 9 - 14, 2024
FABTECH Orlando 2024 at Orange County Convention Center Orlando FL - Oct 15 - 17, 2024
TIMTOS 2025 at Nangang Exhibition Center Hall 1 & 2 (TaiNEX 1 & 2) TWTC Hall Taipei Taiwan - Mar 3 - 8, 2025
Submit | More Events 



© 2024 Internet Business Systems, Inc.
670 Aberdeen Way, Milpitas, CA 95035
+1 (408) 882-6554 — Contact Us, or visit our other sites:
AECCafe - Architectural Design and Engineering EDACafe - Electronic Design Automation GISCafe - Geographical Information Services TechJobsCafe - Technical Jobs and Resumes ShareCG - Share Computer Graphic (CG) Animation, 3D Art and 3D Models
  Privacy PolicyAdvertise