The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Don't Get Hacked Off by Dodgy Readers

07 August 2015 | Updated 01 January 1970

Vulnerable PDF readers are the primary cause of risk exposure on UK PCs according to the latest Secunia Quarterly Country Report.

The international supplier of software vulnerability management products and services, has published its quarterly country report for the UK in which has expressed concern about the level of security of PDF readers.

The data demonstrates that PDF readers continue to be a ‘security issue’ for PC users and that 10.3% of PC users in the UK have an unpatched Windows operating system. Oracle Java ‘yet again’ tops the list of applications causing the greatest risk exposure to UK PCs.

The UK country report documents the state of security among PC users, based on data from scans by the Secunia Personal Software Inspector (PSI), during Q2 of 2015. The vulnerability of a PC is significantly affected by the number and type of applications installed on it and the extent to which these programs are regularly patched. Key findings in the UK report include:

  • Adobe Reader versions 10 and 11 come in at numbers four and five on the Most Exposed List
  • Adobe Reader 10 with a 21% market share had 60 vulnerabilities and was unpatched on 58% of PCs
  • Adobe Reader 11 with a 53% market share, also had 60 vulnerabilities and was unpatched on 17% of PCs.
  • Oracle’s Java JRE 7 is in first place as the highest risk exposed application on PCs in the UK.

With a market share of 36% and with 78 known vulnerabilities, Secunia states that it is a ‘startling discovery’ to find that 82% of PC users are not installing the latest patch updates. One in 20 programs on the average UK PC has reached end-of-life, i.e. they are no longer supported by the vendor and do not receive security updates.

In 2014, 87% of vulnerabilities in the 50 most popular applications on private PCs had patches available on the day of disclosure. This demonstrates that it is possible for users to quickly protect their PCs against the majority of the 1,348 vulnerabilities that were discovered in the Top 50 applications throughout the year, as soon as they became publicly known.

The list of programs includes Adobe Flash Player 17 which is still installed on 80% of UK PCs. Other applications in the top 10 of most exposed programs include:

  • Apple QuickTime
  • Microsoft Internet Explorer
  • uTorrent for Windows.

“PDF readers remain one of the world’s most popular targets for hackers, so it is concerning that we are still seeing 75% of PCs that have Adobe Reader 10 or 11 installed are unpatched,” explained Kasper Lindgaard, Director of Research and Security, Secunia. “There are steps that PC users can take to defend themselves, and any system they are connected to, against known exploits. By upgrading to the latest version of the program and by applying priority patches in a timely manner, PC users can make great strides towards minimising their exposure to security risks."

Picture:   Kasper Lindgaard, Secunia: “There are steps that PC users can take to defend themselves.”

Article written by Mike Gannon | Published 07 August 2015


Related Tags