Freely subscribe to our NEWSLETTER

These are the conclusions that can be drawn from just-released Country Reports
covering Q2 2016 for 12 countries, published by Secunia Research at Flexera
Software, the leading provider of Software Vulnerability Management Solutions. The
reports provide status on vulnerable software products on private PCs in 12
countries, listing the vulnerable applications and ranking them by the extent to
which they expose those PCs to hackers.

Key Findings in the UK Country Report Include:

· 5.4 percent of users had unpatched Windows operating systems in Q2 of
2016, down from 6.1 percent in Q1 of 2016 and 10.3 percent in Q2, 2015.
· 12.6 percent of users had unpatched non-Microsoft programmes in Q2, 2016,
up from 11.9 percent in Q1 of 2016 and 11.3 percent in Q2 of 2015.
· The top three most exposed programmes for Q2, 2016 were VLC Media Player
2.x (55 percent unpatched, 36 percent market share and 8 vulnerabilities), Oracle
Java JRE 1.8x/8.x (47 percent unpatched, 39 percent market share, 67
vulnerabilities), and Adobe Reader XI 11.x (62 percent unpatched, 20 percent market
share, and 215 vulnerabilities).

Unpatched Windows Operating Systems on the Decline
Because of their ubiquitous use on private PCs, operating systems make attractive
targets for hackers. Accordingly, keeping up with operating system patches is an
essential Software Vulnerability Management best practice. According to the data,
private UK PC users are getting the message. Only 5.4 percent had unpatched Windows
operating systems as of Q2 2016, down from 10.3 percent this time last year.

Private PC Users Are Becoming Less Diligent Patching Non-Windows Programmes
While the Windows operating systems of private UK PC users are being patched more
diligently, the opposite is true for non-Microsoft programmes. With the rate of
unpatched non-Microsoft programmes on the rise, the data suggests that users are
increasingly ignoring the security patch warnings available to them. For instance,
Personal Software Inspector will alert users when a vulnerability to a non-Microsoft
programme is found on their PCs and automatically patch the vulnerability – but
the user must approve the action and launch the automated process.

Most Exposed Programmes

The top three most exposed programmes in the UK for Q2 2016 represent 290
vulnerabilities over the last four quarters verified by Secunia Research at Flexera
Software. Of those 290 vulnerabilities, 23 of them are fixed in security patches
rated ‘Extremely Critical,’ and 265 were fixed in patches rated ‘Highly
Critical.’ ‘Extremely Critical’ vulnerabilities are typically remotely
exploitable vulnerabilities that can lead to system compromise. Successful
exploitation does not normally require any interaction and exploits are in the wild.
These vulnerabilities can exist in services like FTP, HTTP and SMTP or in certain
client systems like email applications or browsers. ‘Highly Critical’
vulnerabilities are typically remotely exploitable and can lead to system
compromise. Successful exploitation does not normally require any interaction but
there are no known exploits available at the time of disclosure. Such
vulnerabilities can exist in services like FTP, HTTP and SMTP or in client systems
like email applications or browsers.

To help users stay secure Flexera Software offers Personal Software Inspector
(formerly Secunia PSI 3.0), a free computer security scanner which identifies
software applications that are insecure and in need of security updates. It has been
downloaded by over 8 million PC users globally to detect vulnerable and outdated
programmes and plug-ins.

The 12 Country Reports are based on data from scans by Personal Software Inspector
between April 1, 2016 and June 30, 2016.