The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Don't Get Hacked Off by Dodgy Readers

07 August 2015 | Updated 01 January 1970

Vulnerable PDF readers are the primary cause of risk exposure on UK PCs according to the latest Secunia Quarterly Country Report.

The international supplier of software vulnerability management products and services, has published its quarterly country report for the UK in which has expressed concern about the level of security of PDF readers.

The data demonstrates that PDF readers continue to be a ‘security issue’ for PC users and that 10.3% of PC users in the UK have an unpatched Windows operating system. Oracle Java ‘yet again’ tops the list of applications causing the greatest risk exposure to UK PCs.

The UK country report documents the state of security among PC users, based on data from scans by the Secunia Personal Software Inspector (PSI), during Q2 of 2015. The vulnerability of a PC is significantly affected by the number and type of applications installed on it and the extent to which these programs are regularly patched. Key findings in the UK report include:

  • Adobe Reader versions 10 and 11 come in at numbers four and five on the Most Exposed List
  • Adobe Reader 10 with a 21% market share had 60 vulnerabilities and was unpatched on 58% of PCs
  • Adobe Reader 11 with a 53% market share, also had 60 vulnerabilities and was unpatched on 17% of PCs.
  • Oracle’s Java JRE 7 is in first place as the highest risk exposed application on PCs in the UK.

With a market share of 36% and with 78 known vulnerabilities, Secunia states that it is a ‘startling discovery’ to find that 82% of PC users are not installing the latest patch updates. One in 20 programs on the average UK PC has reached end-of-life, i.e. they are no longer supported by the vendor and do not receive security updates.

In 2014, 87% of vulnerabilities in the 50 most popular applications on private PCs had patches available on the day of disclosure. This demonstrates that it is possible for users to quickly protect their PCs against the majority of the 1,348 vulnerabilities that were discovered in the Top 50 applications throughout the year, as soon as they became publicly known.

The list of programs includes Adobe Flash Player 17 which is still installed on 80% of UK PCs. Other applications in the top 10 of most exposed programs include:

  • Apple QuickTime
  • Microsoft Internet Explorer
  • uTorrent for Windows.

“PDF readers remain one of the world’s most popular targets for hackers, so it is concerning that we are still seeing 75% of PCs that have Adobe Reader 10 or 11 installed are unpatched,” explained Kasper Lindgaard, Director of Research and Security, Secunia. “There are steps that PC users can take to defend themselves, and any system they are connected to, against known exploits. By upgrading to the latest version of the program and by applying priority patches in a timely manner, PC users can make great strides towards minimising their exposure to security risks."

Picture:   Kasper Lindgaard, Secunia: “There are steps that PC users can take to defend themselves.”

Article written by Mike Gannon | Published 07 August 2015


Related Articles

Logins Could be a Rotten Affair

Relying on 'auto-fill' to complete the login process for websites as well as storing bank card details to shopping sites such as eBay and Amazon can make for...

 Read Full Article
Getting the Better of Spams

According to Mailprotector, the Cloud-based e-mail security, management and hosting specialist, the number one spam subject is the simple one-word 'Hi!' closely...

 Read Full Article
Looking for the Weakest Link

It may be difficult to accept but when it comes to IT security the workforce can be leaking vital information. The warning comes from Wick Hill Group, specialist in...

 Read Full Article
On Trend - Can Hackers Turn The Heat Off?

Ken Munro of Pan Test Partners has written a blog - the original of which and more pictures can be accessed if you Click Here  Munro says he has found...

 Read Full Article
Andromeda Strained - International Cyber Op Dismantles Botnet

On November 29, the Federal Bureau of Investigation, in close cooperation with the Luneburg Central Criminal Investigation Inspectorate in Germany, Europol’s...

 Read Full Article
NHS Seeks Friendly Fire Power In Cyber War

NHS Digital has announced (Nov 28) a £20m project to boost its ability to support the NHS with its data security - including making funds available to encourage...

 Read Full Article
WannaCry - Don't...Just Learn the Lessons

Earlier this year, ransomware took centre stage in one of the largest outbreaks ever, hitting a huge number of companies across the globe, writes Ravid Circus. There...

 Read Full Article
Phishing Docs and the Digital Signature?

Protecting digital documents and being able to verify that the sender of a file is, in fact, who they say they are, is fast becoming a major concern for many...

 Read Full Article
Ransomware - the Protection Racket

ThisWeekinFM has been making a racket about Cyber Security because vulnerabilities are exploited at a personnel and personal level - where FM's should have some...

 Read Full Article
Who's Taking on the Cyber Men?

One in five businesses have fallen victim to cyber attacks in the past year, according to the results of a survey released this week ending April 21 by the British...

 Read Full Article