On TechRepublic: Why Android beats iPhone
BNET Business Network:
BNET
TechRepublic
ZDNet

December 3rd, 2008

Almost every Windows PC contains at least one insecure program

Posted by Adrian Kingsley-Hughes @ 12:49 pm

Categories: Security

Tags: Program, PC, Windows PC, Secunia, Desktops, Scanners, Hardware, Peripherals, Adrian Kingsley-Hughes

Sobering stats from Secunia. Out of a random sampling of 20,000 systems, a whopping 98.09% have one or more insecure program installed.

The total number of PCs/users included in these numbers are 20,000, out of these 98.09% have 1 or more insecure programs installed on their PC, hence: 98 out of 100 PCs that are connected to the Internet have insecure programs installed!

It gets worse - nearly half of all Windows systems have eleven or more insecure programs installed.

Here’s the data:

  • 0 Insecure Programs: 1.91% of PCs
  • 1-5 Insecure Programs: 30.27% of PCs
  • 6-10 Insecure Programs: 25.07% of PCs
  • 11+ Insecure Programs: 45.76% of PCs

This data is a subset of the data collected by Secunia’s own PSI (Personal Software Inspector) scanner software.

The more software someone has installed, the more chance there is of there being a vulnerable application installed. Since not all programs have a built-in update mechanism, vulnerable programs can remain installed (and open to being exploited) for a long time. The Secunia PSI scanner is a very quick and easy way of spotting vulnerable apps.

So, how secure are your systems?

Adrian Kingsley-HughesAdrian is a technology journalist and author who has devoted over a decade to helping users get the most from technology. He also runs a popular blog called The PC Doctor. See his full profile and disclosure of his industry affiliations

Want to get in touch? Got a tip? Feel free to drop me a note! I ALWAYS respect anonymity. I'm also on Twitter (@the_pc_doc)

Right to Reply: Should any industry representatives wish to comment on any posts on Hardware 2.0, I will be happy to publish their reply verbatim on this blog.

Subscribe to Hardware 2.0 via Email alerts or RSS.

  • Talkback
  • Most Recent of 77 Talkback(s)
RE:Well, thats one way.
>>>...for not letting them use their Windows 95, NT 4.0 and Office 97?...<<<

Whoa!!! Office 97 still works great for me. Does everything I need it to.... (Read the rest)
Posted by: richdave Posted on: 12/07/08 You are currently: a Guest | | Terms of Use
of course!  voyager529 | 12/03/08
'assetID' is a required parameter for CNETAssetKey  No_Ax_to_Grind | 12/04/08
I kept getting that too on the article page  Michael Kelly | 12/04/08
I was just sitting there reading ZDNet..  JCitizen | 12/04/08
Yes, and believe it or not..  JCitizen | 12/04/08
Sort of  John L. Ries | 12/04/08
Is this a Windows only phenomenon?  NonZealot | 12/03/08
I Think Obviously Not Windows-Only  DannyO_0x98 | 12/03/08
'assetID' is a required parameter for CNETAssetKey  No_Ax_to_Grind | 12/04/08
Get a life  ChrisOPeterson | 12/03/08
HELP 'assetID' is a required parameter for CNETAssetKey  No_Ax_to_Grind | 12/04/08
IT's your Vista ... (nt)  n0neXn0ne | 12/04/08
No.. It's ZDNet's servers blowing chunks...  Wolfie2K3 | 12/04/08
Perhaps it's his system not the server?  914four | 12/05/08
The problem is, there is the culture with Windows of downloading and  DonnieBoy | 12/03/08
JAVA GARBAGE 'assetID' is a required parameter for CNETAssetKey  No_Ax_to_Grind | 12/04/08
Read here...  JCitizen | 12/04/08
Really a good read there...  awasson@... | 12/04/08
Yes, the user can be his/her own worst enemy..  JCitizen | 12/04/08
FIX ME 'assetID' is a required parameter for CNETAssetKey  No_Ax_to_Grind | 12/04/08
It's called the Microsoft OS  bbneo | 12/03/08
That was a very contructive post....  JoeMama_z | 12/03/08
Or IE  T1Oracle | 12/03/08
WAKE UP ZDNet 'assetID' is a required parameter for CNETAssetKey  No_Ax_to_Grind | 12/04/08
Oops...  914four | 12/05/08
No surprise, but not even Linux is completely safe  pjotr123 | 12/03/08
'assetID' is a required parameter for CNETAssetKey  No_Ax_to_Grind | 12/04/08
Precisely...  JCitizen | 12/04/08
This is why Windows needs a centralized update system  Michael Kelly | 12/03/08
No reason why Windows Update couldn't be used  NonZealot | 12/03/08
That's fine  Michael Kelly | 12/03/08
Until then...  JCitizen | 12/04/08
You do NOT want every application updating itself, that is also opens the  DonnieBoy | 12/03/08
The problem with that  Michael Kelly | 12/03/08
With competition, that should not be a problem. If repository A refuses to  DonnieBoy | 12/03/08
That is what I like about Secunia...  JCitizen | 12/04/08
The problem is most users WON'T do it themselves  Michael Kelly | 12/04/08
So far the majority of my clients are cooperative...  JCitizen | 12/04/08
That's why you have signing keys ...  MisterMiester | 12/03/08
Well, who can you trust? I do not want to have to research each and every  DonnieBoy | 12/03/08
Should and How are different  NonZealot | 12/03/08
Yep, that is my point, I do not want each and every program pushing  DonnieBoy | 12/03/08
JAVA SUCKS!!!! 'assetID' is a required parameter for CNETAssetKey  No_Ax_to_Grind | 12/04/08
'tis a poor artisan...  914four | 12/05/08
CLUE 'assetID' is a required parameter for CNETAssetKey  No_Ax_to_Grind | 12/04/08
Already exists  mswift@... | 12/04/08
That's the problem  Michael Kelly | 12/04/08
If Microsoft tried to use a repository update  alaniane@... | 12/04/08
I am not suggesting MS host a repository  Michael Kelly | 12/04/08
Central Windows Repository = BAD idea...  Wolfie2K3 | 12/04/08
Responses  Michael Kelly | 12/04/08
My MS Office was insecure...  Sleeper Service | 12/03/08
Haha, always hated that about "insecure"  NonZealot | 12/03/08
LOL! happy  Pliny the Elder | 12/03/08
Pretty funny (nt)  Letophoro | 12/04/08
FIX ME!!!'assetID' is a required parameter for CNETAssetKey  No_Ax_to_Grind | 12/04/08
HA!... laugh .....(NT)  JCitizen | 12/04/08
Maybe it just needed...  awasson@... | 12/04/08
Let's clarify  mtgarden | 12/04/08
Insecure vs end-of-life  IAFarm2 | 12/04/08
Well, thats one way.  cornpie | 12/04/08
RE:Well, thats one way.  richdave | 12/07/08
Switch to modern software to prevent this.  joe.smetona@... | 12/04/08
'assetID' is a required parameter for CNETAs  ejhonda | 12/04/08
100% of Macs are unsecure (nt)  Speednet | 12/04/08
100% of obvious trolls are obvious (nt)  grail@... | 12/04/08
But look at Secunia's stats  daveklein | 12/04/08
If for example...  JCitizen | 12/04/08
They need to define what insecure app means  alaniane@... | 12/04/08
That's why I use firewall (real one)  Gradius2 | 12/04/08
Well wouldn't you know it... I had one too...  awasson@... | 12/04/08
Similar to my problem at work.  joe.smetona@... | 12/05/08
Thanks, Adrian  djchandler | 12/04/08
RE: Almost every Windows PC contains at least one insecure program  Buff Loon | 12/05/08
RE: Almost every Windows PC contains at least one insecure program  bionicdan | 12/05/08
Infected In Twenty Minutes  Ole Man | 12/07/08
RE: Almost every Windows PC contains at least one insecure program  richdave | 12/07/08

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Click Here
advertisement

Recent Entries

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
advertisement

Archives

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

  • Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
  • More from IBM
  • Innovate your business' process model, play against the market, compete against others on our scoreboards and WIN! Try INNOV8 2.0: A BPM Simulator
  • Enabling Real-World Business Transformation through IBM Service Management Read the EMA Analyst Report
Click Here