Nearly all computers running on Microsoft Windows vulnerable to attack: report

06 Dec 2008

More than 98 per cent of computer systems running Microsoft Windows are open to attack by hackers as they had one or more insecure software programs installed on their systems due to lack of latest version of software that fixed one or more vulnerabilities, according to Secunia, a Denmark based security supplier.

A survey of 20,000 computer systems running Microsoft Windows found that nearly all computers ran at least one program with a vulnerability that put the computer at risk.

Secunia's Personal Software Inspector (PSI) was installed to one or more applications that have security updates available for downloading and it scans windows systems for installed applications, then compares their version numbers to the most up-to-date versions.

In order to get information on numbers, Secunia tracked the results of each user's first PSI scan.

According to Secunia's data, out of more than 1.8 million applications that were scanned, less than 5 per cent them had software applications that were considered secure while about a quarter of the computers had as many as five flawed applications, and another quarter had as many as 10. Forty-two per cent of computers had more than 11 insecure applications.

Analysts say that the biggest problem lies in third-party applications, which many users don't bother to update or even think they have any need to do it.

The company released version 1.0 of its PSI in November and the free program checks users' systems for out-of-date programs and provides links to the most recent version of the software.

In its study, the company focused only on the 20,000 users that did not install previous beta versions of the program.

Since Secunia launched the free utility, about 900,000 users have downloaded the program but responsible users as well as online criminals are increasingly focusing on finding vulnerabilities in third-party applications.

Much of the effort is focused on programs in widespread use, such as Microsoft Office, Adobe Acrobat and Flash, and browsers, such as Firefox, Safari and Opera. Even flaws in security software pose a threat to systems, researchers say.

According to the company, vulnerability in a program can be exploited by hackers to anything from compromising a PC, to automatically install trojans/viruses, to sniff out private information such as passwords, credit cards information, etc.

It has warned users that anti-virus software will not protect the computer from security threats of vulnerabilities in programs and it is just as important to patch programs against security threats, as it is to have a personal firewall and anti-virus program running.